cartography 0.93.0rc1__py3-none-any.whl → 0.123.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- cartography/__main__.py +1 -2
- cartography/_version.py +34 -0
- cartography/cli.py +903 -225
- cartography/client/aws/__init__.py +19 -0
- cartography/client/aws/ecr.py +51 -0
- cartography/client/core/tx.py +400 -27
- cartography/config.py +215 -10
- cartography/data/azure_permission_relationships.yaml +20 -0
- cartography/data/gcp_permission_relationships.yaml +21 -0
- cartography/data/indexes.cypher +1 -200
- cartography/data/jobs/analysis/aws_ec2_asset_exposure.json +17 -2
- cartography/data/jobs/analysis/aws_ec2_keypair_analysis.json +2 -2
- cartography/data/jobs/analysis/gcp_compute_asset_inet_exposure.json +1 -1
- cartography/data/jobs/analysis/keycloak_inheritance.json +30 -0
- cartography/data/jobs/cleanup/crowdstrike_import_cleanup.json +0 -5
- cartography/data/jobs/cleanup/gcp_compute_vpc_cleanup.json +0 -12
- cartography/data/jobs/cleanup/github_repos_cleanup.json +27 -0
- cartography/data/jobs/scoped_analysis/aws_ec2_iaminstanceprofile.json +15 -0
- cartography/data/jobs/scoped_analysis/semgrep_sca_risk_analysis.json +13 -13
- cartography/driftdetect/__main__.py +1 -2
- cartography/driftdetect/add_shortcut.py +10 -2
- cartography/driftdetect/cli.py +72 -75
- cartography/driftdetect/detect_deviations.py +7 -3
- cartography/driftdetect/get_states.py +20 -8
- cartography/driftdetect/model.py +5 -5
- cartography/driftdetect/serializers.py +8 -6
- cartography/driftdetect/storage.py +2 -2
- cartography/graph/cleanupbuilder.py +255 -35
- cartography/graph/job.py +104 -20
- cartography/graph/querybuilder.py +689 -91
- cartography/graph/statement.py +49 -36
- cartography/intel/airbyte/__init__.py +105 -0
- cartography/intel/airbyte/connections.py +120 -0
- cartography/intel/airbyte/destinations.py +81 -0
- cartography/intel/airbyte/organizations.py +59 -0
- cartography/intel/airbyte/sources.py +78 -0
- cartography/intel/airbyte/tags.py +64 -0
- cartography/intel/airbyte/users.py +106 -0
- cartography/intel/airbyte/util.py +122 -0
- cartography/intel/airbyte/workspaces.py +63 -0
- cartography/intel/analysis.py +4 -1
- cartography/intel/anthropic/__init__.py +62 -0
- cartography/intel/anthropic/apikeys.py +72 -0
- cartography/intel/anthropic/users.py +75 -0
- cartography/intel/anthropic/util.py +51 -0
- cartography/intel/anthropic/workspaces.py +95 -0
- cartography/intel/aws/__init__.py +137 -59
- cartography/intel/aws/acm.py +124 -0
- cartography/intel/aws/apigateway.py +482 -217
- cartography/intel/aws/apigatewayv2.py +116 -0
- cartography/intel/aws/cloudtrail.py +105 -0
- cartography/intel/aws/cloudtrail_management_events.py +962 -0
- cartography/intel/aws/cloudwatch.py +239 -0
- cartography/intel/aws/codebuild.py +132 -0
- cartography/intel/aws/cognito.py +201 -0
- cartography/intel/aws/config.py +63 -23
- cartography/intel/aws/dynamodb.py +108 -40
- cartography/intel/aws/ec2/__init__.py +2 -2
- cartography/intel/aws/ec2/auto_scaling_groups.py +254 -189
- cartography/intel/aws/ec2/elastic_ip_addresses.py +44 -14
- cartography/intel/aws/ec2/images.py +74 -39
- cartography/intel/aws/ec2/instances.py +262 -137
- cartography/intel/aws/ec2/internet_gateways.py +44 -13
- cartography/intel/aws/ec2/key_pairs.py +72 -39
- cartography/intel/aws/ec2/launch_templates.py +143 -66
- cartography/intel/aws/ec2/load_balancer_v2s.py +119 -45
- cartography/intel/aws/ec2/load_balancers.py +165 -147
- cartography/intel/aws/ec2/network_acls.py +233 -0
- cartography/intel/aws/ec2/network_interfaces.py +150 -87
- cartography/intel/aws/ec2/reserved_instances.py +48 -17
- cartography/intel/aws/ec2/route_tables.py +327 -0
- cartography/intel/aws/ec2/security_groups.py +189 -121
- cartography/intel/aws/ec2/snapshots.py +93 -91
- cartography/intel/aws/ec2/subnets.py +70 -58
- cartography/intel/aws/ec2/tgw.py +111 -39
- cartography/intel/aws/ec2/util.py +1 -1
- cartography/intel/aws/ec2/volumes.py +69 -41
- cartography/intel/aws/ec2/vpc.py +157 -116
- cartography/intel/aws/ec2/vpc_peerings.py +317 -121
- cartography/intel/aws/ecr.py +336 -93
- cartography/intel/aws/ecr_image_layers.py +923 -0
- cartography/intel/aws/ecs.py +310 -403
- cartography/intel/aws/efs.py +261 -0
- cartography/intel/aws/eks.py +55 -29
- cartography/intel/aws/elasticache.py +130 -83
- cartography/intel/aws/elasticsearch.py +70 -24
- cartography/intel/aws/emr.py +61 -23
- cartography/intel/aws/eventbridge.py +164 -0
- cartography/intel/aws/glue.py +181 -0
- cartography/intel/aws/guardduty.py +443 -0
- cartography/intel/aws/iam.py +978 -464
- cartography/intel/aws/iam_instance_profiles.py +73 -0
- cartography/intel/aws/identitycenter.py +847 -0
- cartography/intel/aws/inspector.py +330 -133
- cartography/intel/aws/kms.py +235 -209
- cartography/intel/aws/lambda_function.py +328 -176
- cartography/intel/aws/organizations.py +40 -19
- cartography/intel/aws/permission_relationships.py +144 -68
- cartography/intel/aws/rds.py +467 -412
- cartography/intel/aws/redshift.py +116 -50
- cartography/intel/aws/resourcegroupstaggingapi.py +198 -82
- cartography/intel/aws/resources.py +80 -42
- cartography/intel/aws/route53.py +419 -318
- cartography/intel/aws/s3.py +489 -96
- cartography/intel/aws/s3accountpublicaccessblock.py +157 -0
- cartography/intel/aws/secretsmanager.py +217 -40
- cartography/intel/aws/securityhub.py +23 -10
- cartography/intel/aws/sns.py +226 -0
- cartography/intel/aws/sqs.py +74 -96
- cartography/intel/aws/ssm.py +142 -33
- cartography/intel/aws/util/arns.py +7 -7
- cartography/intel/aws/util/common.py +31 -4
- cartography/intel/azure/__init__.py +259 -46
- cartography/intel/azure/aks.py +175 -0
- cartography/intel/azure/app_service.py +105 -0
- cartography/intel/azure/compute.py +141 -120
- cartography/intel/azure/container_instances.py +95 -0
- cartography/intel/azure/cosmosdb.py +706 -519
- cartography/intel/azure/data_factory.py +85 -0
- cartography/intel/azure/data_factory_dataset.py +128 -0
- cartography/intel/azure/data_factory_linked_service.py +119 -0
- cartography/intel/azure/data_factory_pipeline.py +142 -0
- cartography/intel/azure/data_lake.py +124 -0
- cartography/intel/azure/event_grid.py +94 -0
- cartography/intel/azure/functions.py +124 -0
- cartography/intel/azure/load_balancers.py +263 -0
- cartography/intel/azure/logic_apps.py +101 -0
- cartography/intel/azure/monitor.py +105 -0
- cartography/intel/azure/network.py +467 -0
- cartography/intel/azure/permission_relationships.py +466 -0
- cartography/intel/azure/rbac.py +309 -0
- cartography/intel/azure/resource_groups.py +82 -0
- cartography/intel/azure/security_center.py +106 -0
- cartography/intel/azure/sql.py +436 -392
- cartography/intel/azure/storage.py +467 -335
- cartography/intel/azure/subscription.py +49 -55
- cartography/intel/azure/tenant.py +46 -28
- cartography/intel/azure/util/common.py +13 -0
- cartography/intel/azure/util/credentials.py +58 -143
- cartography/intel/azure/util/tag.py +41 -0
- cartography/intel/bigfix/__init__.py +2 -2
- cartography/intel/bigfix/computers.py +93 -65
- cartography/intel/cloudflare/__init__.py +74 -0
- cartography/intel/cloudflare/accounts.py +57 -0
- cartography/intel/cloudflare/dnsrecords.py +64 -0
- cartography/intel/cloudflare/members.py +75 -0
- cartography/intel/cloudflare/roles.py +65 -0
- cartography/intel/cloudflare/zones.py +64 -0
- cartography/intel/create_indexes.py +5 -3
- cartography/intel/crowdstrike/__init__.py +26 -12
- cartography/intel/crowdstrike/endpoints.py +17 -45
- cartography/intel/crowdstrike/spotlight.py +13 -5
- cartography/intel/cve/__init__.py +91 -26
- cartography/intel/cve/feed.py +77 -56
- cartography/intel/digitalocean/__init__.py +22 -13
- cartography/intel/digitalocean/compute.py +75 -108
- cartography/intel/digitalocean/management.py +44 -80
- cartography/intel/digitalocean/platform.py +48 -43
- cartography/intel/dns.py +41 -12
- cartography/intel/duo/__init__.py +21 -16
- cartography/intel/duo/api_host.py +14 -9
- cartography/intel/duo/endpoints.py +50 -45
- cartography/intel/duo/groups.py +18 -14
- cartography/intel/duo/phones.py +37 -34
- cartography/intel/duo/tokens.py +26 -23
- cartography/intel/duo/users.py +54 -50
- cartography/intel/duo/web_authn_credentials.py +30 -25
- cartography/intel/entra/__init__.py +160 -0
- cartography/intel/entra/app_role_assignments.py +284 -0
- cartography/intel/entra/applications.py +182 -0
- cartography/intel/entra/federation/__init__.py +0 -0
- cartography/intel/entra/federation/aws_identity_center.py +77 -0
- cartography/intel/entra/groups.py +198 -0
- cartography/intel/entra/ou.py +136 -0
- cartography/intel/entra/service_principals.py +217 -0
- cartography/intel/entra/users.py +259 -0
- cartography/intel/gcp/__init__.py +381 -175
- cartography/intel/gcp/bigtable_app_profile.py +101 -0
- cartography/intel/gcp/bigtable_backup.py +91 -0
- cartography/intel/gcp/bigtable_cluster.py +93 -0
- cartography/intel/gcp/bigtable_instance.py +86 -0
- cartography/intel/gcp/bigtable_table.py +87 -0
- cartography/intel/gcp/cai.py +292 -0
- cartography/intel/gcp/clients.py +112 -0
- cartography/intel/gcp/compute.py +521 -325
- cartography/intel/gcp/crm/__init__.py +0 -0
- cartography/intel/gcp/crm/folders.py +114 -0
- cartography/intel/gcp/crm/orgs.py +70 -0
- cartography/intel/gcp/crm/projects.py +120 -0
- cartography/intel/gcp/dns.py +134 -179
- cartography/intel/gcp/gke.py +100 -107
- cartography/intel/gcp/iam.py +262 -0
- cartography/intel/gcp/permission_relationships.py +394 -0
- cartography/intel/gcp/policy_bindings.py +225 -0
- cartography/intel/gcp/storage.py +103 -158
- cartography/intel/github/__init__.py +66 -27
- cartography/intel/github/commits.py +423 -0
- cartography/intel/github/repos.py +871 -160
- cartography/intel/github/teams.py +386 -53
- cartography/intel/github/users.py +214 -49
- cartography/intel/github/util.py +50 -35
- cartography/intel/googleworkspace/__init__.py +193 -0
- cartography/intel/googleworkspace/devices.py +254 -0
- cartography/intel/googleworkspace/groups.py +568 -0
- cartography/intel/googleworkspace/oauth_apps.py +259 -0
- cartography/intel/googleworkspace/tenant.py +85 -0
- cartography/intel/googleworkspace/users.py +138 -0
- cartography/intel/gsuite/__init__.py +101 -42
- cartography/intel/gsuite/groups.py +291 -0
- cartography/intel/gsuite/users.py +142 -0
- cartography/intel/jamf/__init__.py +19 -1
- cartography/intel/jamf/computers.py +37 -8
- cartography/intel/jamf/util.py +7 -2
- cartography/intel/kandji/__init__.py +6 -3
- cartography/intel/kandji/devices.py +40 -10
- cartography/intel/keycloak/__init__.py +153 -0
- cartography/intel/keycloak/authenticationexecutions.py +322 -0
- cartography/intel/keycloak/authenticationflows.py +77 -0
- cartography/intel/keycloak/clients.py +187 -0
- cartography/intel/keycloak/groups.py +126 -0
- cartography/intel/keycloak/identityproviders.py +94 -0
- cartography/intel/keycloak/organizations.py +163 -0
- cartography/intel/keycloak/realms.py +61 -0
- cartography/intel/keycloak/roles.py +202 -0
- cartography/intel/keycloak/scopes.py +73 -0
- cartography/intel/keycloak/users.py +70 -0
- cartography/intel/keycloak/util.py +47 -0
- cartography/intel/kubernetes/__init__.py +60 -14
- cartography/intel/kubernetes/clusters.py +86 -0
- cartography/intel/kubernetes/eks.py +402 -0
- cartography/intel/kubernetes/namespaces.py +60 -55
- cartography/intel/kubernetes/pods.py +171 -75
- cartography/intel/kubernetes/rbac.py +597 -0
- cartography/intel/kubernetes/secrets.py +95 -45
- cartography/intel/kubernetes/services.py +131 -63
- cartography/intel/kubernetes/util.py +142 -14
- cartography/intel/lastpass/__init__.py +2 -2
- cartography/intel/lastpass/users.py +23 -12
- cartography/intel/oci/__init__.py +44 -11
- cartography/intel/oci/iam.py +157 -47
- cartography/intel/oci/organizations.py +16 -7
- cartography/intel/oci/utils.py +71 -25
- cartography/intel/okta/__init__.py +66 -15
- cartography/intel/okta/applications.py +57 -25
- cartography/intel/okta/awssaml.py +105 -41
- cartography/intel/okta/factors.py +19 -5
- cartography/intel/okta/groups.py +61 -31
- cartography/intel/okta/organization.py +8 -2
- cartography/intel/okta/origins.py +9 -3
- cartography/intel/okta/roles.py +20 -7
- cartography/intel/okta/users.py +31 -10
- cartography/intel/okta/utils.py +6 -4
- cartography/intel/ontology/__init__.py +44 -0
- cartography/intel/ontology/devices.py +54 -0
- cartography/intel/ontology/users.py +54 -0
- cartography/intel/ontology/utils.py +176 -0
- cartography/intel/openai/__init__.py +86 -0
- cartography/intel/openai/adminapikeys.py +89 -0
- cartography/intel/openai/apikeys.py +96 -0
- cartography/intel/openai/projects.py +97 -0
- cartography/intel/openai/serviceaccounts.py +82 -0
- cartography/intel/openai/users.py +75 -0
- cartography/intel/openai/util.py +45 -0
- cartography/intel/pagerduty/__init__.py +8 -7
- cartography/intel/pagerduty/escalation_policies.py +31 -12
- cartography/intel/pagerduty/schedules.py +21 -8
- cartography/intel/pagerduty/services.py +18 -7
- cartography/intel/pagerduty/teams.py +13 -5
- cartography/intel/pagerduty/users.py +6 -2
- cartography/intel/pagerduty/vendors.py +6 -2
- cartography/intel/scaleway/__init__.py +127 -0
- cartography/intel/scaleway/iam/__init__.py +0 -0
- cartography/intel/scaleway/iam/apikeys.py +71 -0
- cartography/intel/scaleway/iam/applications.py +71 -0
- cartography/intel/scaleway/iam/groups.py +71 -0
- cartography/intel/scaleway/iam/users.py +71 -0
- cartography/intel/scaleway/instances/__init__.py +0 -0
- cartography/intel/scaleway/instances/flexibleips.py +86 -0
- cartography/intel/scaleway/instances/instances.py +92 -0
- cartography/intel/scaleway/projects.py +79 -0
- cartography/intel/scaleway/storage/__init__.py +0 -0
- cartography/intel/scaleway/storage/snapshots.py +86 -0
- cartography/intel/scaleway/storage/volumes.py +84 -0
- cartography/intel/scaleway/utils.py +37 -0
- cartography/intel/semgrep/__init__.py +30 -5
- cartography/intel/semgrep/dependencies.py +255 -0
- cartography/intel/semgrep/deployment.py +69 -0
- cartography/intel/semgrep/findings.py +157 -117
- cartography/intel/sentinelone/__init__.py +75 -0
- cartography/intel/sentinelone/account.py +140 -0
- cartography/intel/sentinelone/agent.py +139 -0
- cartography/intel/sentinelone/api.py +124 -0
- cartography/intel/sentinelone/application.py +248 -0
- cartography/intel/sentinelone/cve.py +119 -0
- cartography/intel/sentinelone/utils.py +28 -0
- cartography/intel/slack/__init__.py +78 -0
- cartography/intel/slack/channels.py +80 -0
- cartography/intel/slack/groups.py +90 -0
- cartography/intel/slack/teams.py +65 -0
- cartography/intel/slack/users.py +57 -0
- cartography/intel/slack/utils.py +29 -0
- cartography/intel/snipeit/__init__.py +44 -0
- cartography/intel/snipeit/asset.py +80 -0
- cartography/intel/snipeit/user.py +78 -0
- cartography/intel/snipeit/util.py +40 -0
- cartography/intel/spacelift/__init__.py +161 -0
- cartography/intel/spacelift/account.py +73 -0
- cartography/intel/spacelift/ec2_ownership.py +280 -0
- cartography/intel/spacelift/runs.py +463 -0
- cartography/intel/spacelift/spaces.py +112 -0
- cartography/intel/spacelift/stacks.py +119 -0
- cartography/intel/spacelift/util.py +122 -0
- cartography/intel/spacelift/workerpools.py +131 -0
- cartography/intel/spacelift/workers.py +128 -0
- cartography/intel/tailscale/__init__.py +77 -0
- cartography/intel/tailscale/acls.py +146 -0
- cartography/intel/tailscale/devices.py +127 -0
- cartography/intel/tailscale/postureintegrations.py +81 -0
- cartography/intel/tailscale/tailnets.py +76 -0
- cartography/intel/tailscale/users.py +80 -0
- cartography/intel/tailscale/utils.py +132 -0
- cartography/intel/trivy/__init__.py +272 -0
- cartography/intel/trivy/scanner.py +386 -0
- cartography/models/airbyte/__init__.py +0 -0
- cartography/models/airbyte/connection.py +138 -0
- cartography/models/airbyte/destination.py +75 -0
- cartography/models/airbyte/organization.py +19 -0
- cartography/models/airbyte/source.py +75 -0
- cartography/models/airbyte/stream.py +74 -0
- cartography/models/airbyte/tag.py +69 -0
- cartography/models/airbyte/user.py +115 -0
- cartography/models/airbyte/workspace.py +46 -0
- cartography/models/anthropic/__init__.py +0 -0
- cartography/models/anthropic/apikey.py +94 -0
- cartography/models/anthropic/organization.py +19 -0
- cartography/models/anthropic/user.py +52 -0
- cartography/models/anthropic/workspace.py +90 -0
- cartography/models/aws/acm/__init__.py +0 -0
- cartography/models/aws/acm/certificate.py +75 -0
- cartography/models/aws/apigateway/__init__.py +0 -0
- cartography/models/aws/apigateway/apigateway.py +51 -0
- cartography/models/aws/apigateway/apigatewaycertificate.py +72 -0
- cartography/models/aws/apigateway/apigatewaydeployment.py +74 -0
- cartography/models/aws/apigateway/apigatewayintegration.py +79 -0
- cartography/models/aws/apigateway/apigatewaymethod.py +74 -0
- cartography/models/aws/apigateway/apigatewayresource.py +70 -0
- cartography/models/aws/apigateway/apigatewaystage.py +75 -0
- cartography/models/aws/apigatewayv2/__init__.py +0 -0
- cartography/models/aws/apigatewayv2/apigatewayv2.py +53 -0
- cartography/models/aws/cloudtrail/__init__.py +0 -0
- cartography/models/aws/cloudtrail/management_events.py +153 -0
- cartography/models/aws/cloudtrail/trail.py +106 -0
- cartography/models/aws/cloudwatch/__init__.py +0 -0
- cartography/models/aws/cloudwatch/log_metric_filter.py +79 -0
- cartography/models/aws/cloudwatch/loggroup.py +52 -0
- cartography/models/aws/cloudwatch/metric_alarm.py +53 -0
- cartography/models/aws/codebuild/__init__.py +0 -0
- cartography/models/aws/codebuild/project.py +49 -0
- cartography/models/aws/cognito/__init__.py +0 -0
- cartography/models/aws/cognito/identity_pool.py +70 -0
- cartography/models/aws/cognito/user_pool.py +47 -0
- cartography/models/aws/dynamodb/gsi.py +30 -22
- cartography/models/aws/dynamodb/tables.py +27 -17
- cartography/models/aws/ec2/auto_scaling_groups.py +224 -0
- cartography/models/aws/ec2/images.py +36 -34
- cartography/models/aws/ec2/instances.py +85 -38
- cartography/models/aws/ec2/keypair.py +59 -0
- cartography/models/aws/ec2/keypair_instance.py +76 -0
- cartography/models/aws/ec2/launch_configurations.py +59 -0
- cartography/models/aws/ec2/launch_template_versions.py +48 -38
- cartography/models/aws/ec2/launch_templates.py +21 -17
- cartography/models/aws/ec2/load_balancer_listeners.py +72 -0
- cartography/models/aws/ec2/load_balancers.py +112 -0
- cartography/models/aws/ec2/network_acl_rules.py +106 -0
- cartography/models/aws/ec2/network_acls.py +95 -0
- cartography/models/aws/ec2/networkinterface_instance.py +52 -39
- cartography/models/aws/ec2/networkinterfaces.py +57 -37
- cartography/models/aws/ec2/privateip_networkinterface.py +32 -22
- cartography/models/aws/ec2/reservations.py +18 -14
- cartography/models/aws/ec2/route_table_associations.py +97 -0
- cartography/models/aws/ec2/route_tables.py +128 -0
- cartography/models/aws/ec2/routes.py +85 -0
- cartography/models/aws/ec2/security_group_rules.py +109 -0
- cartography/models/aws/ec2/security_groups.py +90 -0
- cartography/models/aws/ec2/securitygroup_instance.py +29 -20
- cartography/models/aws/ec2/securitygroup_networkinterface.py +24 -15
- cartography/models/aws/ec2/snapshots.py +58 -0
- cartography/models/aws/ec2/subnet_instance.py +26 -19
- cartography/models/aws/ec2/subnet_networkinterface.py +42 -31
- cartography/models/aws/ec2/subnets.py +65 -0
- cartography/models/aws/ec2/volumes.py +67 -40
- cartography/models/aws/ec2/vpc.py +46 -0
- cartography/models/aws/ec2/vpc_cidr.py +102 -0
- cartography/models/aws/ec2/vpc_peering.py +157 -0
- cartography/models/aws/ecr/__init__.py +0 -0
- cartography/models/aws/ecr/image.py +146 -0
- cartography/models/aws/ecr/image_layer.py +107 -0
- cartography/models/aws/ecr/repository.py +72 -0
- cartography/models/aws/ecr/repository_image.py +95 -0
- cartography/models/aws/ecs/__init__.py +0 -0
- cartography/models/aws/ecs/clusters.py +64 -0
- cartography/models/aws/ecs/container_definitions.py +93 -0
- cartography/models/aws/ecs/container_instances.py +84 -0
- cartography/models/aws/ecs/containers.py +101 -0
- cartography/models/aws/ecs/services.py +134 -0
- cartography/models/aws/ecs/task_definitions.py +135 -0
- cartography/models/aws/ecs/tasks.py +134 -0
- cartography/models/aws/efs/__init__.py +0 -0
- cartography/models/aws/efs/access_point.py +77 -0
- cartography/models/aws/efs/file_system.py +60 -0
- cartography/models/aws/efs/mount_target.py +79 -0
- cartography/models/aws/eks/clusters.py +23 -21
- cartography/models/aws/elasticache/__init__.py +0 -0
- cartography/models/aws/elasticache/cluster.py +65 -0
- cartography/models/aws/elasticache/topic.py +67 -0
- cartography/models/aws/emr.py +32 -30
- cartography/models/aws/eventbridge/__init__.py +0 -0
- cartography/models/aws/eventbridge/rule.py +77 -0
- cartography/models/aws/eventbridge/target.py +71 -0
- cartography/models/aws/glue/__init__.py +0 -0
- cartography/models/aws/glue/connection.py +51 -0
- cartography/models/aws/glue/job.py +69 -0
- cartography/models/aws/guardduty/__init__.py +1 -0
- cartography/models/aws/guardduty/detectors.py +50 -0
- cartography/models/aws/guardduty/findings.py +121 -0
- cartography/models/aws/iam/__init__.py +0 -0
- cartography/models/aws/iam/access_key.py +103 -0
- cartography/models/aws/iam/account_role.py +24 -0
- cartography/models/aws/iam/federated_principal.py +60 -0
- cartography/models/aws/iam/group.py +60 -0
- cartography/models/aws/iam/group_membership.py +27 -0
- cartography/models/aws/iam/inline_policy.py +78 -0
- cartography/models/aws/iam/instanceprofile.py +76 -0
- cartography/models/aws/iam/managed_policy.py +51 -0
- cartography/models/aws/iam/policy_statement.py +57 -0
- cartography/models/aws/iam/role.py +83 -0
- cartography/models/aws/iam/root_principal.py +52 -0
- cartography/models/aws/iam/service_principal.py +30 -0
- cartography/models/aws/iam/sts_assumerole_allow.py +38 -0
- cartography/models/aws/iam/user.py +59 -0
- cartography/models/aws/identitycenter/__init__.py +0 -0
- cartography/models/aws/identitycenter/awsidentitycenter.py +49 -0
- cartography/models/aws/identitycenter/awspermissionset.py +162 -0
- cartography/models/aws/identitycenter/awssogroup.py +70 -0
- cartography/models/aws/identitycenter/awsssouser.py +110 -0
- cartography/models/aws/inspector/findings.py +124 -58
- cartography/models/aws/inspector/packages.py +18 -42
- cartography/models/aws/kms/__init__.py +0 -0
- cartography/models/aws/kms/aliases.py +86 -0
- cartography/models/aws/kms/grants.py +65 -0
- cartography/models/aws/kms/keys.py +88 -0
- cartography/models/aws/lambda_function/__init__.py +0 -0
- cartography/models/aws/lambda_function/alias.py +74 -0
- cartography/models/aws/lambda_function/event_source_mapping.py +88 -0
- cartography/models/aws/lambda_function/lambda_function.py +91 -0
- cartography/models/aws/lambda_function/layer.py +72 -0
- cartography/models/aws/rds/__init__.py +0 -0
- cartography/models/aws/rds/cluster.py +91 -0
- cartography/models/aws/rds/event_subscription.py +146 -0
- cartography/models/aws/rds/instance.py +156 -0
- cartography/models/aws/rds/snapshot.py +108 -0
- cartography/models/aws/rds/subnet_group.py +101 -0
- cartography/models/aws/route53/__init__.py +0 -0
- cartography/models/aws/route53/dnsrecord.py +235 -0
- cartography/models/aws/route53/nameserver.py +63 -0
- cartography/models/aws/route53/subzone.py +40 -0
- cartography/models/aws/route53/zone.py +47 -0
- cartography/models/aws/s3/__init__.py +0 -0
- cartography/models/aws/s3/account_public_access_block.py +51 -0
- cartography/models/aws/s3/notification.py +24 -0
- cartography/models/aws/secretsmanager/__init__.py +0 -0
- cartography/models/aws/secretsmanager/secret.py +106 -0
- cartography/models/aws/secretsmanager/secret_version.py +114 -0
- cartography/models/aws/sns/__init__.py +0 -0
- cartography/models/aws/sns/topic.py +50 -0
- cartography/models/aws/sns/topic_subscription.py +74 -0
- cartography/models/aws/sqs/__init__.py +0 -0
- cartography/models/aws/sqs/queue.py +89 -0
- cartography/models/aws/ssm/instance_information.py +51 -39
- cartography/models/aws/ssm/instance_patch.py +32 -26
- cartography/models/aws/ssm/parameters.py +84 -0
- cartography/models/azure/__init__.py +0 -0
- cartography/models/azure/aks_cluster.py +54 -0
- cartography/models/azure/aks_nodepool.py +54 -0
- cartography/models/azure/app_service.py +59 -0
- cartography/models/azure/container_instance.py +57 -0
- cartography/models/azure/cosmosdb/__init__.py +0 -0
- cartography/models/azure/cosmosdb/account.py +77 -0
- cartography/models/azure/cosmosdb/accountfailoverpolicy.py +77 -0
- cartography/models/azure/cosmosdb/cassandrakeyspace.py +82 -0
- cartography/models/azure/cosmosdb/cassandratable.py +81 -0
- cartography/models/azure/cosmosdb/corspolicy.py +74 -0
- cartography/models/azure/cosmosdb/dblocation.py +120 -0
- cartography/models/azure/cosmosdb/mongodbcollection.py +82 -0
- cartography/models/azure/cosmosdb/mongodbdatabase.py +78 -0
- cartography/models/azure/cosmosdb/privateendpointconnection.py +81 -0
- cartography/models/azure/cosmosdb/sqlcontainer.py +88 -0
- cartography/models/azure/cosmosdb/sqldatabase.py +78 -0
- cartography/models/azure/cosmosdb/tableresource.py +76 -0
- cartography/models/azure/cosmosdb/virtualnetworkrule.py +78 -0
- cartography/models/azure/data_factory/__init__.py +0 -0
- cartography/models/azure/data_factory/data_factory.py +51 -0
- cartography/models/azure/data_factory/data_factory_dataset.py +94 -0
- cartography/models/azure/data_factory/data_factory_linked_service.py +78 -0
- cartography/models/azure/data_factory/data_factory_pipeline.py +93 -0
- cartography/models/azure/data_lake_filesystem.py +51 -0
- cartography/models/azure/event_grid_topic.py +57 -0
- cartography/models/azure/function_app.py +59 -0
- cartography/models/azure/load_balancer/__init__.py +0 -0
- cartography/models/azure/load_balancer/load_balancer.py +49 -0
- cartography/models/azure/load_balancer/load_balancer_backend_pool.py +73 -0
- cartography/models/azure/load_balancer/load_balancer_frontend_ip.py +75 -0
- cartography/models/azure/load_balancer/load_balancer_inbound_nat_rule.py +78 -0
- cartography/models/azure/load_balancer/load_balancer_rule.py +108 -0
- cartography/models/azure/logic_apps.py +56 -0
- cartography/models/azure/monitor.py +54 -0
- cartography/models/azure/network_interface.py +112 -0
- cartography/models/azure/network_security_group.py +50 -0
- cartography/models/azure/permission_relationships.py +60 -0
- cartography/models/azure/principal.py +41 -0
- cartography/models/azure/public_ip_address.py +50 -0
- cartography/models/azure/rbac.py +268 -0
- cartography/models/azure/resource_groups.py +52 -0
- cartography/models/azure/security_center.py +50 -0
- cartography/models/azure/sql/__init__.py +0 -0
- cartography/models/azure/sql/databasethreatdetectionpolicy.py +85 -0
- cartography/models/azure/sql/elasticpool.py +77 -0
- cartography/models/azure/sql/failovergroup.py +73 -0
- cartography/models/azure/sql/recoverabledatabase.py +75 -0
- cartography/models/azure/sql/replicationlink.py +81 -0
- cartography/models/azure/sql/restorabledroppeddatabase.py +82 -0
- cartography/models/azure/sql/restorepoint.py +74 -0
- cartography/models/azure/sql/serveradadministrator.py +74 -0
- cartography/models/azure/sql/serverdnsalias.py +71 -0
- cartography/models/azure/sql/sqldatabase.py +85 -0
- cartography/models/azure/sql/sqlserver.py +50 -0
- cartography/models/azure/sql/transparentdataencryption.py +76 -0
- cartography/models/azure/storage/__init__.py +0 -0
- cartography/models/azure/storage/account.py +59 -0
- cartography/models/azure/storage/blobcontainer.py +85 -0
- cartography/models/azure/storage/blobservice.py +71 -0
- cartography/models/azure/storage/fileservice.py +71 -0
- cartography/models/azure/storage/fileshare.py +82 -0
- cartography/models/azure/storage/queue.py +71 -0
- cartography/models/azure/storage/queueservice.py +73 -0
- cartography/models/azure/storage/table.py +72 -0
- cartography/models/azure/storage/tableservice.py +73 -0
- cartography/models/azure/subnet.py +101 -0
- cartography/models/azure/subscription.py +47 -0
- cartography/models/azure/tags/__init__.py +0 -0
- cartography/models/azure/tags/storage_tag.py +40 -0
- cartography/models/azure/tags/tag.py +37 -0
- cartography/models/azure/tenant.py +17 -0
- cartography/models/azure/virtual_network.py +49 -0
- cartography/models/azure/vm/__init__.py +0 -0
- cartography/models/azure/vm/datadisk.py +80 -0
- cartography/models/azure/vm/disk.py +55 -0
- cartography/models/azure/vm/snapshot.py +56 -0
- cartography/models/azure/vm/virtualmachine.py +59 -0
- cartography/models/bigfix/bigfix_computer.py +42 -38
- cartography/models/bigfix/bigfix_root.py +3 -3
- cartography/models/cloudflare/__init__.py +0 -0
- cartography/models/cloudflare/account.py +25 -0
- cartography/models/cloudflare/dnsrecord.py +55 -0
- cartography/models/cloudflare/member.py +86 -0
- cartography/models/cloudflare/role.py +44 -0
- cartography/models/cloudflare/zone.py +59 -0
- cartography/models/core/common.py +53 -2
- cartography/models/core/nodes.py +20 -4
- cartography/models/core/relationships.py +58 -6
- cartography/models/crowdstrike/__init__.py +0 -0
- cartography/models/crowdstrike/hosts.py +51 -0
- cartography/models/cve/cve.py +34 -32
- cartography/models/cve/cve_feed.py +6 -6
- cartography/models/digitalocean/__init__.py +0 -0
- cartography/models/digitalocean/account.py +21 -0
- cartography/models/digitalocean/droplet.py +58 -0
- cartography/models/digitalocean/project.py +48 -0
- cartography/models/duo/api_host.py +3 -3
- cartography/models/duo/endpoint.py +43 -41
- cartography/models/duo/group.py +14 -14
- cartography/models/duo/phone.py +27 -27
- cartography/models/duo/token.py +16 -16
- cartography/models/duo/user.py +50 -44
- cartography/models/duo/web_authn_credential.py +27 -19
- cartography/models/entra/__init__.py +0 -0
- cartography/models/entra/app_role_assignment.py +115 -0
- cartography/models/entra/application.py +49 -0
- cartography/models/entra/entra_user_to_aws_sso.py +41 -0
- cartography/models/entra/group.py +117 -0
- cartography/models/entra/ou.py +48 -0
- cartography/models/entra/service_principal.py +104 -0
- cartography/models/entra/tenant.py +39 -0
- cartography/models/entra/user.py +90 -0
- cartography/models/gcp/__init__.py +0 -0
- cartography/models/gcp/bigtable/__init__.py +0 -0
- cartography/models/gcp/bigtable/app_profile.py +94 -0
- cartography/models/gcp/bigtable/backup.py +91 -0
- cartography/models/gcp/bigtable/cluster.py +73 -0
- cartography/models/gcp/bigtable/instance.py +52 -0
- cartography/models/gcp/bigtable/table.py +69 -0
- cartography/models/gcp/compute/__init__.py +0 -0
- cartography/models/gcp/compute/subnet.py +74 -0
- cartography/models/gcp/compute/vpc.py +50 -0
- cartography/models/gcp/crm/__init__.py +0 -0
- cartography/models/gcp/crm/folders.py +98 -0
- cartography/models/gcp/crm/organizations.py +21 -0
- cartography/models/gcp/crm/projects.py +100 -0
- cartography/models/gcp/dns.py +109 -0
- cartography/models/gcp/gke.py +69 -0
- cartography/models/gcp/iam.py +73 -0
- cartography/models/gcp/permission_relationships.py +61 -0
- cartography/models/gcp/policy_bindings.py +93 -0
- cartography/models/gcp/storage/__init__.py +0 -0
- cartography/models/gcp/storage/bucket.py +119 -0
- cartography/models/github/commits.py +63 -0
- cartography/models/github/dependencies.py +73 -0
- cartography/models/github/manifests.py +49 -0
- cartography/models/github/orgs.py +27 -0
- cartography/models/github/teams.py +74 -22
- cartography/models/github/users.py +149 -0
- cartography/models/googleworkspace/__init__.py +0 -0
- cartography/models/googleworkspace/device.py +132 -0
- cartography/models/googleworkspace/group.py +382 -0
- cartography/models/googleworkspace/oauth_app.py +124 -0
- cartography/models/googleworkspace/tenant.py +30 -0
- cartography/models/googleworkspace/user.py +113 -0
- cartography/models/gsuite/__init__.py +0 -0
- cartography/models/gsuite/group.py +218 -0
- cartography/models/gsuite/tenant.py +29 -0
- cartography/models/gsuite/user.py +107 -0
- cartography/models/kandji/device.py +22 -17
- cartography/models/kandji/tenant.py +6 -4
- cartography/models/keycloak/__init__.py +0 -0
- cartography/models/keycloak/authenticationexecution.py +160 -0
- cartography/models/keycloak/authenticationflow.py +54 -0
- cartography/models/keycloak/client.py +179 -0
- cartography/models/keycloak/group.py +101 -0
- cartography/models/keycloak/identityprovider.py +89 -0
- cartography/models/keycloak/organization.py +116 -0
- cartography/models/keycloak/organizationdomain.py +73 -0
- cartography/models/keycloak/realm.py +173 -0
- cartography/models/keycloak/role.py +126 -0
- cartography/models/keycloak/scope.py +73 -0
- cartography/models/keycloak/user.py +55 -0
- cartography/models/kubernetes/__init__.py +0 -0
- cartography/models/kubernetes/clusterrolebindings.py +138 -0
- cartography/models/kubernetes/clusterroles.py +52 -0
- cartography/models/kubernetes/clusters.py +26 -0
- cartography/models/kubernetes/containers.py +133 -0
- cartography/models/kubernetes/groups.py +107 -0
- cartography/models/kubernetes/namespaces.py +51 -0
- cartography/models/kubernetes/oidc.py +51 -0
- cartography/models/kubernetes/pods.py +80 -0
- cartography/models/kubernetes/rolebindings.py +159 -0
- cartography/models/kubernetes/roles.py +76 -0
- cartography/models/kubernetes/secrets.py +79 -0
- cartography/models/kubernetes/serviceaccounts.py +77 -0
- cartography/models/kubernetes/services.py +108 -0
- cartography/models/kubernetes/users.py +105 -0
- cartography/models/lastpass/tenant.py +3 -3
- cartography/models/lastpass/user.py +36 -28
- cartography/models/ontology/__init__.py +0 -0
- cartography/models/ontology/device.py +137 -0
- cartography/models/ontology/mapping/__init__.py +76 -0
- cartography/models/ontology/mapping/data/__init__.py +0 -0
- cartography/models/ontology/mapping/data/apikeys.py +93 -0
- cartography/models/ontology/mapping/data/computeinstance.py +95 -0
- cartography/models/ontology/mapping/data/containers.py +88 -0
- cartography/models/ontology/mapping/data/databases.py +182 -0
- cartography/models/ontology/mapping/data/devices.py +194 -0
- cartography/models/ontology/mapping/data/thirdpartyapps.py +140 -0
- cartography/models/ontology/mapping/data/useraccounts.py +416 -0
- cartography/models/ontology/mapping/data/users.py +63 -0
- cartography/models/ontology/mapping/specs.py +85 -0
- cartography/models/ontology/user.py +51 -0
- cartography/models/openai/__init__.py +0 -0
- cartography/models/openai/adminapikey.py +94 -0
- cartography/models/openai/apikey.py +88 -0
- cartography/models/openai/organization.py +17 -0
- cartography/models/openai/project.py +89 -0
- cartography/models/openai/serviceaccount.py +50 -0
- cartography/models/openai/user.py +53 -0
- cartography/models/scaleway/__init__.py +0 -0
- cartography/models/scaleway/iam/__init__.py +0 -0
- cartography/models/scaleway/iam/apikey.py +100 -0
- cartography/models/scaleway/iam/application.py +52 -0
- cartography/models/scaleway/iam/group.py +95 -0
- cartography/models/scaleway/iam/user.py +64 -0
- cartography/models/scaleway/instance/__init__.py +0 -0
- cartography/models/scaleway/instance/flexibleip.py +52 -0
- cartography/models/scaleway/instance/instance.py +120 -0
- cartography/models/scaleway/organization.py +19 -0
- cartography/models/scaleway/project.py +48 -0
- cartography/models/scaleway/storage/__init__.py +0 -0
- cartography/models/scaleway/storage/snapshot.py +78 -0
- cartography/models/scaleway/storage/volume.py +51 -0
- cartography/models/semgrep/dependencies.py +102 -0
- cartography/models/semgrep/deployment.py +5 -5
- cartography/models/semgrep/findings.py +58 -40
- cartography/models/semgrep/locations.py +27 -21
- cartography/models/sentinelone/__init__.py +1 -0
- cartography/models/sentinelone/account.py +40 -0
- cartography/models/sentinelone/agent.py +50 -0
- cartography/models/sentinelone/application.py +44 -0
- cartography/models/sentinelone/application_version.py +96 -0
- cartography/models/sentinelone/cve.py +73 -0
- cartography/models/slack/__init__.py +0 -0
- cartography/models/slack/channels.py +92 -0
- cartography/models/slack/group.py +129 -0
- cartography/models/slack/team.py +22 -0
- cartography/models/slack/user.py +62 -0
- cartography/models/snipeit/__init__.py +0 -0
- cartography/models/snipeit/asset.py +92 -0
- cartography/models/snipeit/tenant.py +19 -0
- cartography/models/snipeit/user.py +60 -0
- cartography/models/spacelift/__init__.py +0 -0
- cartography/models/spacelift/cloudtrailevent.py +120 -0
- cartography/models/spacelift/run.py +162 -0
- cartography/models/spacelift/space.py +131 -0
- cartography/models/spacelift/spaceliftaccount.py +31 -0
- cartography/models/spacelift/spaceliftgitcommit.py +157 -0
- cartography/models/spacelift/stack.py +96 -0
- cartography/models/spacelift/user.py +63 -0
- cartography/models/spacelift/worker.py +97 -0
- cartography/models/spacelift/workerpool.py +90 -0
- cartography/models/tailscale/__init__.py +0 -0
- cartography/models/tailscale/device.py +96 -0
- cartography/models/tailscale/group.py +86 -0
- cartography/models/tailscale/postureintegration.py +58 -0
- cartography/models/tailscale/tag.py +102 -0
- cartography/models/tailscale/tailnet.py +29 -0
- cartography/models/tailscale/user.py +57 -0
- cartography/models/trivy/__init__.py +0 -0
- cartography/models/trivy/findings.py +66 -0
- cartography/models/trivy/fix.py +66 -0
- cartography/models/trivy/package.py +71 -0
- cartography/rules/README.md +1 -0
- cartography/rules/__init__.py +0 -0
- cartography/rules/cli.py +261 -0
- cartography/rules/data/__init__.py +0 -0
- cartography/rules/data/rules/__init__.py +46 -0
- cartography/rules/data/rules/cloud_security_product_deactivated.py +49 -0
- cartography/rules/data/rules/compute_instance_exposed.py +51 -0
- cartography/rules/data/rules/database_instance_exposed.py +53 -0
- cartography/rules/data/rules/delegation_boundary_modifiable.py +90 -0
- cartography/rules/data/rules/identity_administration_privileges.py +100 -0
- cartography/rules/data/rules/inactive_user_active_accounts.py +48 -0
- cartography/rules/data/rules/malicious_npm_dependencies_shai_hulud.py +2222 -0
- cartography/rules/data/rules/mfa_missing.py +46 -0
- cartography/rules/data/rules/object_storage_public.py +100 -0
- cartography/rules/data/rules/policy_administration_privileges.py +104 -0
- cartography/rules/data/rules/unmanaged_accounts.py +43 -0
- cartography/rules/data/rules/workload_identity_admin_capabilities.py +193 -0
- cartography/rules/formatters.py +108 -0
- cartography/rules/runners.py +216 -0
- cartography/rules/spec/__init__.py +0 -0
- cartography/rules/spec/model.py +267 -0
- cartography/rules/spec/result.py +38 -0
- cartography/stats.py +4 -4
- cartography/sync.py +137 -31
- cartography/util.py +187 -77
- cartography-0.123.0.dist-info/METADATA +230 -0
- cartography-0.123.0.dist-info/RECORD +856 -0
- {cartography-0.93.0rc1.dist-info → cartography-0.123.0.dist-info}/WHEEL +1 -1
- {cartography-0.93.0rc1.dist-info → cartography-0.123.0.dist-info}/entry_points.txt +1 -0
- {cartography-0.93.0rc1.dist-info → cartography-0.123.0.dist-info/licenses}/LICENSE +1 -1
- cartography/data/jobs/analysis/aws_ec2_iaminstance.json +0 -10
- cartography/data/jobs/analysis/aws_ec2_iaminstanceprofile.json +0 -10
- cartography/data/jobs/cleanup/aws_apigateway_details.json +0 -10
- cartography/data/jobs/cleanup/aws_dns_cleanup.json +0 -65
- cartography/data/jobs/cleanup/aws_import_account_access_key_cleanup.json +0 -17
- cartography/data/jobs/cleanup/aws_import_apigateway_cleanup.json +0 -45
- cartography/data/jobs/cleanup/aws_import_ec2_security_groupinfo_cleanup.json +0 -24
- cartography/data/jobs/cleanup/aws_import_groups_cleanup.json +0 -13
- cartography/data/jobs/cleanup/aws_import_lambda_cleanup.json +0 -50
- cartography/data/jobs/cleanup/aws_import_principals_cleanup.json +0 -30
- cartography/data/jobs/cleanup/aws_import_rds_clusters_cleanup.json +0 -23
- cartography/data/jobs/cleanup/aws_import_rds_instances_cleanup.json +0 -47
- cartography/data/jobs/cleanup/aws_import_rds_snapshots_cleanup.json +0 -23
- cartography/data/jobs/cleanup/aws_import_roles_cleanup.json +0 -13
- cartography/data/jobs/cleanup/aws_import_secrets_cleanup.json +0 -8
- cartography/data/jobs/cleanup/aws_import_snapshots_cleanup.json +0 -30
- cartography/data/jobs/cleanup/aws_import_users_cleanup.json +0 -8
- cartography/data/jobs/cleanup/aws_import_vpc_cleanup.json +0 -23
- cartography/data/jobs/cleanup/aws_import_vpc_peering_cleanup.json +0 -45
- cartography/data/jobs/cleanup/aws_kms_details.json +0 -10
- cartography/data/jobs/cleanup/azure_cosmosdb_cassandra_keyspace_cleanup.json +0 -25
- cartography/data/jobs/cleanup/azure_cosmosdb_cors_details.json +0 -15
- cartography/data/jobs/cleanup/azure_cosmosdb_mongodb_database_cleanup.json +0 -25
- cartography/data/jobs/cleanup/azure_cosmosdb_sql_database_cleanup.json +0 -25
- cartography/data/jobs/cleanup/azure_cosmosdb_table_resources_cleanup.json +0 -15
- cartography/data/jobs/cleanup/azure_database_account_cleanup.json +0 -85
- cartography/data/jobs/cleanup/azure_import_disks_cleanup.json +0 -15
- cartography/data/jobs/cleanup/azure_import_snapshots_cleanup.json +0 -15
- cartography/data/jobs/cleanup/azure_import_virtual_machines_cleanup.json +0 -25
- cartography/data/jobs/cleanup/azure_sql_server_cleanup.json +0 -125
- cartography/data/jobs/cleanup/azure_storage_account_cleanup.json +0 -95
- cartography/data/jobs/cleanup/azure_subscriptions_cleanup.json +0 -14
- cartography/data/jobs/cleanup/azure_tenant_cleanup.json +0 -9
- cartography/data/jobs/cleanup/crxcavator_import_cleanup.json +0 -18
- cartography/data/jobs/cleanup/gcp_compute_vpc_subnet_cleanup.json +0 -35
- cartography/data/jobs/cleanup/gcp_crm_folder_cleanup.json +0 -23
- cartography/data/jobs/cleanup/gcp_crm_organization_cleanup.json +0 -17
- cartography/data/jobs/cleanup/gcp_crm_project_cleanup.json +0 -23
- cartography/data/jobs/cleanup/gcp_dns_cleanup.json +0 -29
- cartography/data/jobs/cleanup/gcp_gke_cluster_cleanup.json +0 -17
- cartography/data/jobs/cleanup/gcp_storage_bucket_cleanup.json +0 -29
- cartography/data/jobs/cleanup/github_users_cleanup.json +0 -23
- cartography/data/jobs/cleanup/gsuite_ingest_groups_cleanup.json +0 -23
- cartography/data/jobs/cleanup/gsuite_ingest_users_cleanup.json +0 -11
- cartography/data/jobs/cleanup/kubernetes_import_cleanup.json +0 -70
- cartography/intel/crxcavator/__init__.py +0 -44
- cartography/intel/crxcavator/crxcavator.py +0 -329
- cartography/intel/gcp/crm.py +0 -302
- cartography/intel/gsuite/api.py +0 -284
- cartography/models/aws/ec2/keypairs.py +0 -64
- cartography-0.93.0rc1.dist-info/METADATA +0 -55
- cartography-0.93.0rc1.dist-info/NOTICE +0 -4
- cartography-0.93.0rc1.dist-info/RECORD +0 -341
- /cartography/data/jobs/{analysis → scoped_analysis}/aws_s3acl_analysis.json +0 -0
- {cartography-0.93.0rc1.dist-info → cartography-0.123.0.dist-info}/top_level.txt +0 -0
cartography/models/core/nodes.py
CHANGED
|
@@ -16,6 +16,7 @@ class CartographyNodeProperties(abc.ABC):
|
|
|
16
16
|
can enforce that all subclasses have an id and a lastupdated field. These fields are assigned to the node in the
|
|
17
17
|
`SET` clause.
|
|
18
18
|
"""
|
|
19
|
+
|
|
19
20
|
id: PropertyRef = field(init=False)
|
|
20
21
|
lastupdated: PropertyRef = field(init=False)
|
|
21
22
|
|
|
@@ -24,12 +25,12 @@ class CartographyNodeProperties(abc.ABC):
|
|
|
24
25
|
Data validation.
|
|
25
26
|
1. Prevents direct instantiation. This workaround is needed since this is a dataclass and an abstract
|
|
26
27
|
class without an abstract method defined. See https://stackoverflow.com/q/60590442.
|
|
27
|
-
2. Stops reserved words from being used as attribute names. See https://github.com/
|
|
28
|
+
2. Stops reserved words from being used as attribute names. See https://github.com/cartography-cncf/cartography/issues/1064.
|
|
28
29
|
"""
|
|
29
30
|
if self.__class__ == CartographyNodeProperties:
|
|
30
31
|
raise TypeError("Cannot instantiate abstract class.")
|
|
31
32
|
|
|
32
|
-
if hasattr(self,
|
|
33
|
+
if hasattr(self, "firstseen"):
|
|
33
34
|
raise TypeError(
|
|
34
35
|
"`firstseen` is a reserved word and is automatically set by the querybuilder on cartography nodes, so "
|
|
35
36
|
f'it cannot be used on class "{type(self).__name__}(CartographyNodeProperties)". Please either choose '
|
|
@@ -43,6 +44,7 @@ class ExtraNodeLabels:
|
|
|
43
44
|
Encapsulates a list of str representing additional labels for the CartographyNodeSchema that this is composed on.
|
|
44
45
|
This wrapping is used to ensure dataclass immutability for the CartographyNodeSchema.
|
|
45
46
|
"""
|
|
47
|
+
|
|
46
48
|
labels: List[str]
|
|
47
49
|
|
|
48
50
|
|
|
@@ -52,6 +54,7 @@ class CartographyNodeSchema(abc.ABC):
|
|
|
52
54
|
Abstract base dataclass that represents a graph node in cartography. This is used to dynamically generate graph
|
|
53
55
|
ingestion queries.
|
|
54
56
|
"""
|
|
57
|
+
|
|
55
58
|
@property
|
|
56
59
|
@abc.abstractmethod
|
|
57
60
|
def label(self) -> str:
|
|
@@ -88,7 +91,7 @@ class CartographyNodeSchema(abc.ABC):
|
|
|
88
91
|
"""
|
|
89
92
|
Optional.
|
|
90
93
|
Allows subclasses to specify additional cartography relationships on the node.
|
|
91
|
-
:return: None if not
|
|
94
|
+
:return: None if not overridden. Else return the node's OtherRelationships.
|
|
92
95
|
"""
|
|
93
96
|
return None
|
|
94
97
|
|
|
@@ -97,6 +100,19 @@ class CartographyNodeSchema(abc.ABC):
|
|
|
97
100
|
"""
|
|
98
101
|
Optional.
|
|
99
102
|
Allows specifying extra labels on the node.
|
|
100
|
-
:return: None if not
|
|
103
|
+
:return: None if not overridden. Else return the ExtraNodeLabels specified on the node.
|
|
101
104
|
"""
|
|
102
105
|
return None
|
|
106
|
+
|
|
107
|
+
@property
|
|
108
|
+
def scoped_cleanup(self) -> bool:
|
|
109
|
+
"""
|
|
110
|
+
Optional.
|
|
111
|
+
Allows specifying whether cleanups of this node must be scoped to the sub resource relationship.
|
|
112
|
+
If True (default), when we clean up nodes of this type, we will only delete stale nodes in the current sub
|
|
113
|
+
resource. This is how our AWS sync behaves.
|
|
114
|
+
If False, when we clean up node of this type, we will delete all stale nodes. This is designed for resource
|
|
115
|
+
types that don't have a "tenant"-like entity.
|
|
116
|
+
:return: True if not overridden. Else return the boolean value specified on the node.
|
|
117
|
+
"""
|
|
118
|
+
return True
|
|
@@ -19,18 +19,19 @@ class LinkDirection(Enum):
|
|
|
19
19
|
|
|
20
20
|
class EMRCluster(CartographyNodeSchema):
|
|
21
21
|
label: str = "EMRCluster"
|
|
22
|
-
sub_resource_relationship: CartographyRelSchema =
|
|
22
|
+
sub_resource_relationship: CartographyRelSchema = EMRClusterToAWSAccountRel()
|
|
23
23
|
# ...
|
|
24
24
|
|
|
25
|
-
class
|
|
25
|
+
class EMRClusterToAWSAccountRel(CartographyRelSchema):
|
|
26
26
|
target_node_label: str = "AWSAccount"
|
|
27
27
|
rel_label: str = "RESOURCE"
|
|
28
28
|
direction: LinkDirection = LinkDirection.INWARD
|
|
29
29
|
# ...
|
|
30
30
|
|
|
31
|
-
If `
|
|
31
|
+
If `EMRClusterToAWSAccountRel.direction` was LinkDirection.OUTWARD, then the directionality of the relationship would
|
|
32
32
|
be `(:EMRCluster)-[:RESOURCE]->(:AWSAccount)` instead.
|
|
33
33
|
"""
|
|
34
|
+
|
|
34
35
|
INWARD = auto()
|
|
35
36
|
OUTWARD = auto()
|
|
36
37
|
|
|
@@ -41,7 +42,13 @@ class CartographyRelProperties(abc.ABC):
|
|
|
41
42
|
Abstract class that represents the properties on a CartographyRelSchema. This is intended to enforce that all
|
|
42
43
|
subclasses will have a lastupdated field defined on their resulting relationships. These fields are assigned to the
|
|
43
44
|
relationship in the `SET` clause.
|
|
45
|
+
|
|
46
|
+
If the CartographyRelSchema is used as a MatchLink, the following properties are required to be defined here:
|
|
47
|
+
- lastupdated: A PropertyRef to the update tag of the relationship.
|
|
48
|
+
- _sub_resource_label: A PropertyRef to the label of the sub-resource that the relationship is associated with.
|
|
49
|
+
- _sub_resource_id: A PropertyRef to the id of the sub-resource that the relationship is associated with.
|
|
44
50
|
"""
|
|
51
|
+
|
|
45
52
|
lastupdated: PropertyRef = field(init=False)
|
|
46
53
|
|
|
47
54
|
def __post_init__(self):
|
|
@@ -49,12 +56,12 @@ class CartographyRelProperties(abc.ABC):
|
|
|
49
56
|
Data validation.
|
|
50
57
|
1. Prevents direct instantiation. This workaround is needed since this is a dataclass and an abstract
|
|
51
58
|
class without an abstract method defined. See https://stackoverflow.com/q/60590442.
|
|
52
|
-
2. Stops reserved words from being used as attribute names. See https://github.com/
|
|
59
|
+
2. Stops reserved words from being used as attribute names. See https://github.com/cartography-cncf/cartography/issues/1064.
|
|
53
60
|
"""
|
|
54
61
|
if self.__class__ == CartographyRelProperties:
|
|
55
62
|
raise TypeError("Cannot instantiate abstract class.")
|
|
56
63
|
|
|
57
|
-
if hasattr(self,
|
|
64
|
+
if hasattr(self, "firstseen"):
|
|
58
65
|
raise TypeError(
|
|
59
66
|
"`firstseen` is a reserved word and is automatically set by the querybuilder on cartography rels, so "
|
|
60
67
|
f'it cannot be used on class "{type(self).__name__}(CartographyRelProperties)". Please either choose '
|
|
@@ -72,6 +79,7 @@ class TargetNodeMatcher:
|
|
|
72
79
|
This is used to ensure dataclass immutability when composed as part of a CartographyNodeSchema object.
|
|
73
80
|
See `make_target_node_matcher()`.
|
|
74
81
|
"""
|
|
82
|
+
|
|
75
83
|
pass
|
|
76
84
|
|
|
77
85
|
|
|
@@ -80,10 +88,36 @@ def make_target_node_matcher(key_ref_dict: Dict[str, PropertyRef]) -> TargetNode
|
|
|
80
88
|
:param key_ref_dict: A Dict mapping keys present on the node to PropertyRef objects.
|
|
81
89
|
:return: A TargetNodeMatcher used for CartographyRelSchema to match with other nodes.
|
|
82
90
|
"""
|
|
83
|
-
fields = [
|
|
91
|
+
fields = [
|
|
92
|
+
(key, PropertyRef, field(default=prop_ref))
|
|
93
|
+
for key, prop_ref in key_ref_dict.items()
|
|
94
|
+
]
|
|
84
95
|
return make_dataclass(TargetNodeMatcher.__name__, fields, frozen=True)()
|
|
85
96
|
|
|
86
97
|
|
|
98
|
+
@dataclass(frozen=True)
|
|
99
|
+
class SourceNodeMatcher:
|
|
100
|
+
"""
|
|
101
|
+
Same as TargetNodeMatcher, but for the source node; see `make_source_node_matcher()`.
|
|
102
|
+
This object is used only for load_matchlinks() where we match on and connect existing nodes.
|
|
103
|
+
This has no effect on CartographyRelSchema objects that are included in CartographyNodeSchema.
|
|
104
|
+
"""
|
|
105
|
+
|
|
106
|
+
pass
|
|
107
|
+
|
|
108
|
+
|
|
109
|
+
def make_source_node_matcher(key_ref_dict: Dict[str, PropertyRef]) -> SourceNodeMatcher:
|
|
110
|
+
"""
|
|
111
|
+
:param key_ref_dict: A Dict mapping keys present on the node to PropertyRef objects.
|
|
112
|
+
:return: A SourceNodeMatcher used for CartographyRelSchema to match with other nodes.
|
|
113
|
+
"""
|
|
114
|
+
fields = [
|
|
115
|
+
(key, PropertyRef, field(default=prop_ref))
|
|
116
|
+
for key, prop_ref in key_ref_dict.items()
|
|
117
|
+
]
|
|
118
|
+
return make_dataclass(SourceNodeMatcher.__name__, fields, frozen=True)()
|
|
119
|
+
|
|
120
|
+
|
|
87
121
|
@dataclass(frozen=True)
|
|
88
122
|
class CartographyRelSchema(abc.ABC):
|
|
89
123
|
"""
|
|
@@ -92,6 +126,7 @@ class CartographyRelSchema(abc.ABC):
|
|
|
92
126
|
The CartographyRelSchema contains properties that make it possible to connect the CartographyNodeSchema to other
|
|
93
127
|
existing nodes in the graph.
|
|
94
128
|
"""
|
|
129
|
+
|
|
95
130
|
@property
|
|
96
131
|
@abc.abstractmethod
|
|
97
132
|
def properties(self) -> CartographyRelProperties:
|
|
@@ -132,6 +167,22 @@ class CartographyRelSchema(abc.ABC):
|
|
|
132
167
|
"""
|
|
133
168
|
pass
|
|
134
169
|
|
|
170
|
+
@property
|
|
171
|
+
def source_node_label(self) -> str | None:
|
|
172
|
+
"""
|
|
173
|
+
:return: Optional. Only used for load_matchlinks(). The source node label to use for the relationship.
|
|
174
|
+
This does not affect CartographyRelSchema that are included in CartographyNodeSchema objects.
|
|
175
|
+
"""
|
|
176
|
+
return None
|
|
177
|
+
|
|
178
|
+
@property
|
|
179
|
+
def source_node_matcher(self) -> SourceNodeMatcher | None:
|
|
180
|
+
"""
|
|
181
|
+
:return: Optional. Only used for load_matchlinks(). A SourceNodeMatcher object used to find what node(s) to attach the relationship to.
|
|
182
|
+
This does not affect CartographyRelSchema that are included in CartographyNodeSchema objects.
|
|
183
|
+
"""
|
|
184
|
+
return None
|
|
185
|
+
|
|
135
186
|
|
|
136
187
|
@dataclass(frozen=True)
|
|
137
188
|
class OtherRelationships:
|
|
@@ -139,4 +190,5 @@ class OtherRelationships:
|
|
|
139
190
|
Encapsulates a list of CartographyRelSchema. This is used to ensure dataclass immutability when composed as part of
|
|
140
191
|
a CartographyNodeSchema object.
|
|
141
192
|
"""
|
|
193
|
+
|
|
142
194
|
rels: List[CartographyRelSchema]
|
|
File without changes
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
from dataclasses import dataclass
|
|
2
|
+
|
|
3
|
+
from cartography.models.core.common import PropertyRef
|
|
4
|
+
from cartography.models.core.nodes import CartographyNodeProperties
|
|
5
|
+
from cartography.models.core.nodes import CartographyNodeSchema
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
@dataclass(frozen=True)
|
|
9
|
+
class CrowdstrikeHostNodeProperties(CartographyNodeProperties):
|
|
10
|
+
id: PropertyRef = PropertyRef("device_id")
|
|
11
|
+
cid: PropertyRef = PropertyRef("cid")
|
|
12
|
+
instance_id: PropertyRef = PropertyRef("instance_id", extra_index=True)
|
|
13
|
+
serial_number: PropertyRef = PropertyRef("serial_number", extra_index=True)
|
|
14
|
+
status: PropertyRef = PropertyRef("status")
|
|
15
|
+
hostname: PropertyRef = PropertyRef("hostname", extra_index=True)
|
|
16
|
+
machine_domain: PropertyRef = PropertyRef("machine_domain")
|
|
17
|
+
crowdstrike_first_seen: PropertyRef = PropertyRef("first_seen")
|
|
18
|
+
crowdstrike_last_seen: PropertyRef = PropertyRef("last_seen")
|
|
19
|
+
local_ip: PropertyRef = PropertyRef("local_ip")
|
|
20
|
+
external_ip: PropertyRef = PropertyRef("external_ip")
|
|
21
|
+
cpu_signature: PropertyRef = PropertyRef("cpu_signature")
|
|
22
|
+
bios_manufacturer: PropertyRef = PropertyRef("bios_manufacturer")
|
|
23
|
+
bios_version: PropertyRef = PropertyRef("bios_version")
|
|
24
|
+
mac_address: PropertyRef = PropertyRef("mac_address")
|
|
25
|
+
os_version: PropertyRef = PropertyRef("os_version")
|
|
26
|
+
os_build: PropertyRef = PropertyRef("os_build")
|
|
27
|
+
platform_id: PropertyRef = PropertyRef("platform_id")
|
|
28
|
+
platform_name: PropertyRef = PropertyRef("platform_name")
|
|
29
|
+
service_provider: PropertyRef = PropertyRef("service_provider")
|
|
30
|
+
service_provider_account_id: PropertyRef = PropertyRef(
|
|
31
|
+
"service_provider_account_id"
|
|
32
|
+
)
|
|
33
|
+
agent_version: PropertyRef = PropertyRef("agent_version")
|
|
34
|
+
system_manufacturer: PropertyRef = PropertyRef("system_manufacturer")
|
|
35
|
+
system_product_name: PropertyRef = PropertyRef("system_product_name")
|
|
36
|
+
product_type: PropertyRef = PropertyRef("product_type")
|
|
37
|
+
product_type_desc: PropertyRef = PropertyRef("product_type_desc")
|
|
38
|
+
provision_status: PropertyRef = PropertyRef("provision_status")
|
|
39
|
+
reduced_functionality_mode: PropertyRef = PropertyRef("reduced_functionality_mode")
|
|
40
|
+
kernel_version: PropertyRef = PropertyRef("kernel_version")
|
|
41
|
+
major_version: PropertyRef = PropertyRef("major_version")
|
|
42
|
+
minor_version: PropertyRef = PropertyRef("minor_version")
|
|
43
|
+
tags: PropertyRef = PropertyRef("tags")
|
|
44
|
+
modified_timestamp: PropertyRef = PropertyRef("modified_timestamp")
|
|
45
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
46
|
+
|
|
47
|
+
|
|
48
|
+
@dataclass(frozen=True)
|
|
49
|
+
class CrowdstrikeHostSchema(CartographyNodeSchema):
|
|
50
|
+
label: str = "CrowdstrikeHost"
|
|
51
|
+
properties: CrowdstrikeHostNodeProperties = CrowdstrikeHostNodeProperties()
|
cartography/models/cve/cve.py
CHANGED
|
@@ -13,41 +13,41 @@ from cartography.models.core.relationships import TargetNodeMatcher
|
|
|
13
13
|
|
|
14
14
|
@dataclass(frozen=True)
|
|
15
15
|
class CVENodeProperties(CartographyNodeProperties):
|
|
16
|
-
id: PropertyRef = PropertyRef(
|
|
17
|
-
assigner: PropertyRef = PropertyRef(
|
|
18
|
-
description: PropertyRef = PropertyRef(
|
|
19
|
-
references: PropertyRef = PropertyRef(
|
|
20
|
-
problem_types: PropertyRef = PropertyRef(
|
|
21
|
-
vector_string: PropertyRef = PropertyRef(
|
|
22
|
-
attack_vector: PropertyRef = PropertyRef(
|
|
23
|
-
attack_complexity: PropertyRef = PropertyRef(
|
|
24
|
-
privileges_required: PropertyRef = PropertyRef(
|
|
25
|
-
user_interaction: PropertyRef = PropertyRef(
|
|
26
|
-
scope: PropertyRef = PropertyRef(
|
|
27
|
-
confidentiality_impact: PropertyRef = PropertyRef(
|
|
28
|
-
integrity_impact: PropertyRef = PropertyRef(
|
|
29
|
-
availability_impact: PropertyRef = PropertyRef(
|
|
30
|
-
base_score: PropertyRef = PropertyRef(
|
|
31
|
-
base_severity: PropertyRef = PropertyRef(
|
|
32
|
-
exploitability_score: PropertyRef = PropertyRef(
|
|
33
|
-
impact_score: PropertyRef = PropertyRef(
|
|
34
|
-
published_date: PropertyRef = PropertyRef(
|
|
35
|
-
last_modified_date: PropertyRef = PropertyRef(
|
|
36
|
-
vuln_status: PropertyRef = PropertyRef(
|
|
37
|
-
lastupdated: PropertyRef = PropertyRef(
|
|
16
|
+
id: PropertyRef = PropertyRef("id")
|
|
17
|
+
assigner: PropertyRef = PropertyRef("sourceIdentifier")
|
|
18
|
+
description: PropertyRef = PropertyRef("descriptions_en")
|
|
19
|
+
references: PropertyRef = PropertyRef("references_urls")
|
|
20
|
+
problem_types: PropertyRef = PropertyRef("weaknesses")
|
|
21
|
+
vector_string: PropertyRef = PropertyRef("vectorString")
|
|
22
|
+
attack_vector: PropertyRef = PropertyRef("attackVector")
|
|
23
|
+
attack_complexity: PropertyRef = PropertyRef("attackComplexity")
|
|
24
|
+
privileges_required: PropertyRef = PropertyRef("privilegesRequired")
|
|
25
|
+
user_interaction: PropertyRef = PropertyRef("userInteraction")
|
|
26
|
+
scope: PropertyRef = PropertyRef("scope")
|
|
27
|
+
confidentiality_impact: PropertyRef = PropertyRef("confidentialityImpact")
|
|
28
|
+
integrity_impact: PropertyRef = PropertyRef("integrityImpact")
|
|
29
|
+
availability_impact: PropertyRef = PropertyRef("availabilityImpact")
|
|
30
|
+
base_score: PropertyRef = PropertyRef("baseScore")
|
|
31
|
+
base_severity: PropertyRef = PropertyRef("baseSeverity")
|
|
32
|
+
exploitability_score: PropertyRef = PropertyRef("exploitabilityScore")
|
|
33
|
+
impact_score: PropertyRef = PropertyRef("impactScore")
|
|
34
|
+
published_date: PropertyRef = PropertyRef("published")
|
|
35
|
+
last_modified_date: PropertyRef = PropertyRef("lastModified")
|
|
36
|
+
vuln_status: PropertyRef = PropertyRef("vulnStatus")
|
|
37
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated")
|
|
38
38
|
|
|
39
39
|
|
|
40
40
|
@dataclass(frozen=True)
|
|
41
41
|
class CVEtoCVEFeedRelProperties(CartographyRelProperties):
|
|
42
|
-
lastupdated: PropertyRef = PropertyRef(
|
|
42
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
43
43
|
|
|
44
44
|
|
|
45
45
|
@dataclass(frozen=True)
|
|
46
46
|
# (:CVE)<-[:RESOURCE]-(:CVEFeed)
|
|
47
|
-
class
|
|
48
|
-
target_node_label: str =
|
|
47
|
+
class CVEtoCVEFeedRel(CartographyRelSchema):
|
|
48
|
+
target_node_label: str = "CVEFeed"
|
|
49
49
|
target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
|
|
50
|
-
{
|
|
50
|
+
{"id": PropertyRef("FEED_ID", set_in_kwargs=True)},
|
|
51
51
|
)
|
|
52
52
|
direction: LinkDirection = LinkDirection.INWARD
|
|
53
53
|
rel_label: str = "RESOURCE"
|
|
@@ -56,26 +56,28 @@ class CVEtoCVEFeedRelSchema(CartographyRelSchema):
|
|
|
56
56
|
|
|
57
57
|
@dataclass(frozen=True)
|
|
58
58
|
class CVEToSpotlightVulnerabilityRelProperties(CartographyRelProperties):
|
|
59
|
-
lastupdated: PropertyRef = PropertyRef(
|
|
59
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
60
60
|
|
|
61
61
|
|
|
62
62
|
@dataclass(frozen=True)
|
|
63
63
|
# (:CVE)<-[:HAS_CVE]-(:SpotlightVulnerability)
|
|
64
64
|
class CVEToSpotlightVulnerabilityRel(CartographyRelSchema):
|
|
65
|
-
target_node_label: str =
|
|
65
|
+
target_node_label: str = "SpotlightVulnerability"
|
|
66
66
|
target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
|
|
67
|
-
{
|
|
67
|
+
{"id": PropertyRef("id")},
|
|
68
68
|
)
|
|
69
69
|
direction: LinkDirection = LinkDirection.INWARD
|
|
70
70
|
rel_label: str = "HAS_CVE"
|
|
71
|
-
properties: CVEToSpotlightVulnerabilityRelProperties =
|
|
71
|
+
properties: CVEToSpotlightVulnerabilityRelProperties = (
|
|
72
|
+
CVEToSpotlightVulnerabilityRelProperties()
|
|
73
|
+
)
|
|
72
74
|
|
|
73
75
|
|
|
74
76
|
@dataclass(frozen=True)
|
|
75
77
|
class CVESchema(CartographyNodeSchema):
|
|
76
|
-
label: str =
|
|
78
|
+
label: str = "CVE"
|
|
77
79
|
properties: CVENodeProperties = CVENodeProperties()
|
|
78
|
-
sub_resource_relationship:
|
|
80
|
+
sub_resource_relationship: CVEtoCVEFeedRel = CVEtoCVEFeedRel()
|
|
79
81
|
other_relationships: OtherRelationships = OtherRelationships(
|
|
80
82
|
[
|
|
81
83
|
CVEToSpotlightVulnerabilityRel(),
|
|
@@ -7,14 +7,14 @@ from cartography.models.core.nodes import CartographyNodeSchema
|
|
|
7
7
|
|
|
8
8
|
@dataclass(frozen=True)
|
|
9
9
|
class CVEFeedNodeProperties(CartographyNodeProperties):
|
|
10
|
-
id: PropertyRef = PropertyRef(
|
|
11
|
-
lastupdated: PropertyRef = PropertyRef(
|
|
12
|
-
format: PropertyRef = PropertyRef(
|
|
13
|
-
version: PropertyRef = PropertyRef(
|
|
14
|
-
timestamp: PropertyRef = PropertyRef(
|
|
10
|
+
id: PropertyRef = PropertyRef("FEED_ID")
|
|
11
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
12
|
+
format: PropertyRef = PropertyRef("format")
|
|
13
|
+
version: PropertyRef = PropertyRef("version")
|
|
14
|
+
timestamp: PropertyRef = PropertyRef("timestamp")
|
|
15
15
|
|
|
16
16
|
|
|
17
17
|
@dataclass(frozen=True)
|
|
18
18
|
class CVEFeedSchema(CartographyNodeSchema):
|
|
19
|
-
label: str =
|
|
19
|
+
label: str = "CVEFeed"
|
|
20
20
|
properties: CVEFeedNodeProperties = CVEFeedNodeProperties()
|
|
File without changes
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
from dataclasses import dataclass
|
|
2
|
+
|
|
3
|
+
from cartography.models.core.common import PropertyRef
|
|
4
|
+
from cartography.models.core.nodes import CartographyNodeProperties
|
|
5
|
+
from cartography.models.core.nodes import CartographyNodeSchema
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
@dataclass(frozen=True)
|
|
9
|
+
class DOAccountNodeProperties(CartographyNodeProperties):
|
|
10
|
+
id: PropertyRef = PropertyRef("id")
|
|
11
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
12
|
+
uuid: PropertyRef = PropertyRef("uuid")
|
|
13
|
+
droplet_limit: PropertyRef = PropertyRef("droplet_limit")
|
|
14
|
+
floating_ip_limit: PropertyRef = PropertyRef("floating_ip_limit")
|
|
15
|
+
status: PropertyRef = PropertyRef("status")
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
@dataclass(frozen=True)
|
|
19
|
+
class DOAccountSchema(CartographyNodeSchema):
|
|
20
|
+
label: str = "DOAccount"
|
|
21
|
+
properties: DOAccountNodeProperties = DOAccountNodeProperties()
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
from dataclasses import dataclass
|
|
2
|
+
|
|
3
|
+
from cartography.models.core.common import PropertyRef
|
|
4
|
+
from cartography.models.core.nodes import CartographyNodeProperties
|
|
5
|
+
from cartography.models.core.nodes import CartographyNodeSchema
|
|
6
|
+
from cartography.models.core.nodes import ExtraNodeLabels
|
|
7
|
+
from cartography.models.core.relationships import CartographyRelProperties
|
|
8
|
+
from cartography.models.core.relationships import CartographyRelSchema
|
|
9
|
+
from cartography.models.core.relationships import LinkDirection
|
|
10
|
+
from cartography.models.core.relationships import make_target_node_matcher
|
|
11
|
+
from cartography.models.core.relationships import TargetNodeMatcher
|
|
12
|
+
|
|
13
|
+
|
|
14
|
+
@dataclass(frozen=True)
|
|
15
|
+
class DODropletNodeProperties(CartographyNodeProperties):
|
|
16
|
+
id: PropertyRef = PropertyRef("id")
|
|
17
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
18
|
+
name: PropertyRef = PropertyRef("name")
|
|
19
|
+
locked: PropertyRef = PropertyRef("locked")
|
|
20
|
+
status: PropertyRef = PropertyRef("status")
|
|
21
|
+
region: PropertyRef = PropertyRef("region")
|
|
22
|
+
created_at: PropertyRef = PropertyRef("created_at")
|
|
23
|
+
image: PropertyRef = PropertyRef("image")
|
|
24
|
+
size: PropertyRef = PropertyRef("size")
|
|
25
|
+
kernel: PropertyRef = PropertyRef("kernel")
|
|
26
|
+
tags: PropertyRef = PropertyRef("tags")
|
|
27
|
+
volumes: PropertyRef = PropertyRef("volumes")
|
|
28
|
+
vpc_uuid: PropertyRef = PropertyRef("vpc_uuid")
|
|
29
|
+
ip_address: PropertyRef = PropertyRef("ip_address")
|
|
30
|
+
private_ip_address: PropertyRef = PropertyRef("private_ip_address")
|
|
31
|
+
ip_v6_address: PropertyRef = PropertyRef("ip_v6_address")
|
|
32
|
+
account_id: PropertyRef = PropertyRef("ACCOUNT_ID", set_in_kwargs=True)
|
|
33
|
+
project_id: PropertyRef = PropertyRef("PROJECT_ID", set_in_kwargs=True)
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
@dataclass(frozen=True)
|
|
37
|
+
class DODropletToAccountRelProperties(CartographyRelProperties):
|
|
38
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
39
|
+
|
|
40
|
+
|
|
41
|
+
@dataclass(frozen=True)
|
|
42
|
+
# (:DOProject)<-[:RESOURCE]-(:DODroplet)
|
|
43
|
+
class DODropletToAccountRel(CartographyRelSchema):
|
|
44
|
+
target_node_label: str = "DOProject"
|
|
45
|
+
target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
|
|
46
|
+
{"id": PropertyRef("PROJECT_ID", set_in_kwargs=True)},
|
|
47
|
+
)
|
|
48
|
+
direction: LinkDirection = LinkDirection.OUTWARD
|
|
49
|
+
rel_label: str = "RESOURCE"
|
|
50
|
+
properties: DODropletToAccountRelProperties = DODropletToAccountRelProperties()
|
|
51
|
+
|
|
52
|
+
|
|
53
|
+
@dataclass(frozen=True)
|
|
54
|
+
class DODropletSchema(CartographyNodeSchema):
|
|
55
|
+
label: str = "DODroplet"
|
|
56
|
+
extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(["ComputeInstance"])
|
|
57
|
+
properties: DODropletNodeProperties = DODropletNodeProperties()
|
|
58
|
+
sub_resource_relationship: DODropletToAccountRel = DODropletToAccountRel()
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
from dataclasses import dataclass
|
|
2
|
+
|
|
3
|
+
from cartography.models.core.common import PropertyRef
|
|
4
|
+
from cartography.models.core.nodes import CartographyNodeProperties
|
|
5
|
+
from cartography.models.core.nodes import CartographyNodeSchema
|
|
6
|
+
from cartography.models.core.relationships import CartographyRelProperties
|
|
7
|
+
from cartography.models.core.relationships import CartographyRelSchema
|
|
8
|
+
from cartography.models.core.relationships import LinkDirection
|
|
9
|
+
from cartography.models.core.relationships import make_target_node_matcher
|
|
10
|
+
from cartography.models.core.relationships import TargetNodeMatcher
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
@dataclass(frozen=True)
|
|
14
|
+
class DOProjectNodeProperties(CartographyNodeProperties):
|
|
15
|
+
id: PropertyRef = PropertyRef("id")
|
|
16
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
17
|
+
account_id: PropertyRef = PropertyRef("ACCOUNT_ID", set_in_kwargs=True)
|
|
18
|
+
name: PropertyRef = PropertyRef("name")
|
|
19
|
+
owner_uuid: PropertyRef = PropertyRef("owner_uuid")
|
|
20
|
+
description: PropertyRef = PropertyRef("description")
|
|
21
|
+
environment: PropertyRef = PropertyRef("environment")
|
|
22
|
+
is_default: PropertyRef = PropertyRef("is_default")
|
|
23
|
+
created_at: PropertyRef = PropertyRef("created_at")
|
|
24
|
+
updated_at: PropertyRef = PropertyRef("updated_at")
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
@dataclass(frozen=True)
|
|
28
|
+
class DOProjectToAccountRelProperties(CartographyRelProperties):
|
|
29
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
30
|
+
|
|
31
|
+
|
|
32
|
+
@dataclass(frozen=True)
|
|
33
|
+
# (:DOAccount)<-[:RESOURCE]-(:DOProject)
|
|
34
|
+
class DOProjectToAccountRel(CartographyRelSchema):
|
|
35
|
+
target_node_label: str = "DOAccount"
|
|
36
|
+
target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
|
|
37
|
+
{"id": PropertyRef("ACCOUNT_ID", set_in_kwargs=True)},
|
|
38
|
+
)
|
|
39
|
+
direction: LinkDirection = LinkDirection.OUTWARD
|
|
40
|
+
rel_label: str = "RESOURCE"
|
|
41
|
+
properties: DOProjectToAccountRelProperties = DOProjectToAccountRelProperties()
|
|
42
|
+
|
|
43
|
+
|
|
44
|
+
@dataclass(frozen=True)
|
|
45
|
+
class DOProjectSchema(CartographyNodeSchema):
|
|
46
|
+
label: str = "DOProject"
|
|
47
|
+
properties: DOProjectNodeProperties = DOProjectNodeProperties()
|
|
48
|
+
sub_resource_relationship: DOProjectToAccountRel = DOProjectToAccountRel()
|
|
@@ -7,11 +7,11 @@ from cartography.models.core.nodes import CartographyNodeSchema
|
|
|
7
7
|
|
|
8
8
|
@dataclass(frozen=True)
|
|
9
9
|
class DuoApiHostNodeProperties(CartographyNodeProperties):
|
|
10
|
-
id: PropertyRef = PropertyRef(
|
|
11
|
-
lastupdated: PropertyRef = PropertyRef(
|
|
10
|
+
id: PropertyRef = PropertyRef("id")
|
|
11
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
12
12
|
|
|
13
13
|
|
|
14
14
|
@dataclass(frozen=True)
|
|
15
15
|
class DuoApiHostSchema(CartographyNodeSchema):
|
|
16
|
-
label: str =
|
|
16
|
+
label: str = "DuoApiHost"
|
|
17
17
|
properties: DuoApiHostNodeProperties = DuoApiHostNodeProperties()
|
|
@@ -13,73 +13,75 @@ from cartography.models.core.relationships import TargetNodeMatcher
|
|
|
13
13
|
|
|
14
14
|
@dataclass(frozen=True)
|
|
15
15
|
class DuoEndpointNodeProperties(CartographyNodeProperties):
|
|
16
|
-
id: PropertyRef = PropertyRef(
|
|
17
|
-
lastupdated: PropertyRef = PropertyRef(
|
|
18
|
-
browsers: PropertyRef = PropertyRef(
|
|
19
|
-
computer_sid: PropertyRef = PropertyRef(
|
|
20
|
-
cpu_id: PropertyRef = PropertyRef(
|
|
21
|
-
device_id: PropertyRef = PropertyRef(
|
|
22
|
-
device_identifier: PropertyRef = PropertyRef(
|
|
23
|
-
device_identifier_type: PropertyRef = PropertyRef(
|
|
24
|
-
device_name: PropertyRef = PropertyRef(
|
|
25
|
-
device_udid: PropertyRef = PropertyRef(
|
|
26
|
-
device_username: PropertyRef = PropertyRef(
|
|
27
|
-
device_username_type: PropertyRef = PropertyRef(
|
|
28
|
-
disk_encryption_status: PropertyRef = PropertyRef(
|
|
29
|
-
domain_sid: PropertyRef = PropertyRef(
|
|
30
|
-
email: PropertyRef = PropertyRef(
|
|
31
|
-
epkey: PropertyRef = PropertyRef(
|
|
32
|
-
firewall_status: PropertyRef = PropertyRef(
|
|
33
|
-
hardware_uuid: PropertyRef = PropertyRef(
|
|
34
|
-
health_app_client_version: PropertyRef = PropertyRef(
|
|
35
|
-
health_data_last_collected: PropertyRef = PropertyRef(
|
|
36
|
-
last_updated: PropertyRef = PropertyRef(
|
|
37
|
-
machine_guid: PropertyRef = PropertyRef(
|
|
38
|
-
model: PropertyRef = PropertyRef(
|
|
39
|
-
os_build: PropertyRef = PropertyRef(
|
|
40
|
-
os_family: PropertyRef = PropertyRef(
|
|
41
|
-
os_version: PropertyRef = PropertyRef(
|
|
42
|
-
password_status: PropertyRef = PropertyRef(
|
|
43
|
-
security_agents: PropertyRef = PropertyRef(
|
|
44
|
-
trusted_endpoint: PropertyRef = PropertyRef(
|
|
45
|
-
type: PropertyRef = PropertyRef(
|
|
46
|
-
username: PropertyRef = PropertyRef(
|
|
16
|
+
id: PropertyRef = PropertyRef("epkey")
|
|
17
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
18
|
+
browsers: PropertyRef = PropertyRef("browsers")
|
|
19
|
+
computer_sid: PropertyRef = PropertyRef("computer_sid")
|
|
20
|
+
cpu_id: PropertyRef = PropertyRef("cpu_id")
|
|
21
|
+
device_id: PropertyRef = PropertyRef("device_id")
|
|
22
|
+
device_identifier: PropertyRef = PropertyRef("device_identifier")
|
|
23
|
+
device_identifier_type: PropertyRef = PropertyRef("device_identifier_type")
|
|
24
|
+
device_name: PropertyRef = PropertyRef("device_name", extra_index=True)
|
|
25
|
+
device_udid: PropertyRef = PropertyRef("device_udid")
|
|
26
|
+
device_username: PropertyRef = PropertyRef("device_username")
|
|
27
|
+
device_username_type: PropertyRef = PropertyRef("device_username_type")
|
|
28
|
+
disk_encryption_status: PropertyRef = PropertyRef("disk_encryption_status")
|
|
29
|
+
domain_sid: PropertyRef = PropertyRef("domain_sid")
|
|
30
|
+
email: PropertyRef = PropertyRef("email", extra_index=True)
|
|
31
|
+
epkey: PropertyRef = PropertyRef("epkey", extra_index=True)
|
|
32
|
+
firewall_status: PropertyRef = PropertyRef("firewall_status")
|
|
33
|
+
hardware_uuid: PropertyRef = PropertyRef("hardware_uuid")
|
|
34
|
+
health_app_client_version: PropertyRef = PropertyRef("health_app_client_version")
|
|
35
|
+
health_data_last_collected: PropertyRef = PropertyRef("health_data_last_collected")
|
|
36
|
+
last_updated: PropertyRef = PropertyRef("last_updated")
|
|
37
|
+
machine_guid: PropertyRef = PropertyRef("machine_guid")
|
|
38
|
+
model: PropertyRef = PropertyRef("model")
|
|
39
|
+
os_build: PropertyRef = PropertyRef("os_build")
|
|
40
|
+
os_family: PropertyRef = PropertyRef("os_family")
|
|
41
|
+
os_version: PropertyRef = PropertyRef("os_version")
|
|
42
|
+
password_status: PropertyRef = PropertyRef("password_status")
|
|
43
|
+
security_agents: PropertyRef = PropertyRef("security_agents")
|
|
44
|
+
trusted_endpoint: PropertyRef = PropertyRef("trusted_endpoint")
|
|
45
|
+
type: PropertyRef = PropertyRef("type")
|
|
46
|
+
username: PropertyRef = PropertyRef("username", extra_index=True)
|
|
47
47
|
|
|
48
48
|
|
|
49
49
|
@dataclass(frozen=True)
|
|
50
50
|
class DuoEndpointToDuoApiHostRelProperties(CartographyRelProperties):
|
|
51
|
-
lastupdated: PropertyRef = PropertyRef(
|
|
51
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
52
52
|
|
|
53
53
|
|
|
54
54
|
@dataclass(frozen=True)
|
|
55
55
|
class DuoEndpointToDuoApiHostRel(CartographyRelSchema):
|
|
56
|
-
target_node_label: str =
|
|
56
|
+
target_node_label: str = "DuoApiHost"
|
|
57
57
|
target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
|
|
58
|
-
{
|
|
58
|
+
{"id": PropertyRef("DUO_API_HOSTNAME", set_in_kwargs=True)},
|
|
59
59
|
)
|
|
60
60
|
direction: LinkDirection = LinkDirection.INWARD
|
|
61
61
|
rel_label: str = "RESOURCE"
|
|
62
|
-
properties: DuoEndpointToDuoApiHostRelProperties =
|
|
62
|
+
properties: DuoEndpointToDuoApiHostRelProperties = (
|
|
63
|
+
DuoEndpointToDuoApiHostRelProperties()
|
|
64
|
+
)
|
|
63
65
|
|
|
64
66
|
|
|
65
|
-
class
|
|
66
|
-
lastupdated: PropertyRef = PropertyRef(
|
|
67
|
+
class DuoEndpointToDuoUserRelProperties(CartographyRelProperties):
|
|
68
|
+
lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
|
|
67
69
|
|
|
68
70
|
|
|
69
71
|
@dataclass(frozen=True)
|
|
70
72
|
class DuoEndpointToDuoUserRel(CartographyRelSchema):
|
|
71
|
-
target_node_label: str =
|
|
73
|
+
target_node_label: str = "DuoUser"
|
|
72
74
|
target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
|
|
73
|
-
{
|
|
75
|
+
{"email": PropertyRef("email")},
|
|
74
76
|
)
|
|
75
77
|
direction: LinkDirection = LinkDirection.INWARD
|
|
76
78
|
rel_label: str = "HAS_DUO_ENDPOINT"
|
|
77
|
-
properties:
|
|
79
|
+
properties: DuoEndpointToDuoUserRelProperties = DuoEndpointToDuoUserRelProperties()
|
|
78
80
|
|
|
79
81
|
|
|
80
82
|
@dataclass(frozen=True)
|
|
81
83
|
class DuoEndpointSchema(CartographyNodeSchema):
|
|
82
|
-
label: str =
|
|
84
|
+
label: str = "DuoEndpoint"
|
|
83
85
|
properties: DuoEndpointNodeProperties = DuoEndpointNodeProperties()
|
|
84
86
|
sub_resource_relationship: DuoEndpointToDuoApiHostRel = DuoEndpointToDuoApiHostRel()
|
|
85
87
|
other_relationships: OtherRelationships = OtherRelationships(
|