cartography 0.93.0rc1__py3-none-any.whl → 0.123.0__py3-none-any.whl

cartography/intel/crowdstrike/__init__.py

@@ -1,11 +1,14 @@
 import logging
+from typing import Any
 
 import neo4j
 
 from cartography.config import Config
+from cartography.graph.job import GraphJob
 from cartography.intel.crowdstrike.endpoints import sync_hosts
 from cartography.intel.crowdstrike.spotlight import sync_vulnerabilities
 from cartography.intel.crowdstrike.util import get_authorization
+from cartography.models.crowdstrike.hosts import CrowdstrikeHostSchema
 from cartography.stats import get_stats_client
 from cartography.util import merge_module_sync_metadata
 from cartography.util import run_cleanup_job
@@ -17,7 +20,8 @@ stat_handler = get_stats_client(__name__)
 
 @timeit
 def start_crowdstrike_ingestion(
-    neo4j_session: neo4j.Session, config: Config,
+    neo4j_session: neo4j.Session,
+    config: Config,
 ) -> None:
     """
     Perform ingestion of crowdstrike data.
@@ -28,10 +32,7 @@ def start_crowdstrike_ingestion(
     common_job_parameters = {
         "UPDATE_TAG": config.update_tag,
     }
-    if (
-        not config.crowdstrike_client_id or
-        not config.crowdstrike_client_secret
-    ):
+    if not config.crowdstrike_client_id or not config.crowdstrike_client_secret:
         logger.error("crowdstrike config not found")
         return
 
@@ -50,20 +51,33 @@ def start_crowdstrike_ingestion(
         config.update_tag,
         authorization,
     )
-    run_cleanup_job(
-        "crowdstrike_import_cleanup.json",
-        neo4j_session,
-        common_job_parameters,
-    )
+    cleanup(neo4j_session, common_job_parameters)
 
     group_id = "public"
     if config.crowdstrike_api_url:
         group_id = config.crowdstrike_api_url
     merge_module_sync_metadata(
         neo4j_session,
-        group_type='crowdstrike',
+        group_type="crowdstrike",
         group_id=group_id,
-        synced_type='crowdstrike',
+        synced_type="crowdstrike",
         update_tag=config.update_tag,
         stat_handler=stat_handler,
     )
+
+
+@timeit
+def cleanup(
+    neo4j_session: neo4j.Session, common_job_parameters: dict[str, Any]
+) -> None:
+    logger.info("Running Crowdstrike cleanup")
+    GraphJob.from_node_schema(CrowdstrikeHostSchema(), common_job_parameters).run(
+        neo4j_session
+    )
+
+    # Cleanup other crowdstrike assets not handled by the data model
+    run_cleanup_job(
+        "crowdstrike_import_cleanup.json",
+        neo4j_session,
+        common_job_parameters,
+    )

cartography/intel/crowdstrike/endpoints.py

@@ -6,6 +6,8 @@ import neo4j
 from falconpy.hosts import Hosts
 from falconpy.oauth2 import OAuth2
 
+from cartography.client.core.tx import load
+from cartography.models.crowdstrike.hosts import CrowdstrikeHostSchema
 from cartography.util import timeit
 
 logger = logging.getLogger(__name__)
@@ -24,59 +26,29 @@ def sync_hosts(
         load_host_data(neo4j_session, host_data, update_tag)
 
 
+@timeit
 def load_host_data(
-    neo4j_session: neo4j.Session, data: List[Dict], update_tag: int,
+    neo4j_session: neo4j.Session,
+    data: List[Dict],
+    update_tag: int,
 ) -> None:
     """
-    Transform and load scan information
-    """
-    ingestion_cypher_query = """
-    UNWIND $Hosts AS host
-        MERGE (h:CrowdstrikeHost{id: host.device_id})
-        ON CREATE SET h.cid = host.cid,
-            h.cid = host.cid,
-            h.instance_id = host.instance_id,
-            h.firstseen = timestamp()
-        SET h.status = host.status,
-            h.hostname = host.hostname,
-            h.machine_domain = host.machine_domain,
-            h.crowdstrike_first_seen = host.first_seen,
-            h.crowdstrike_last_seen = host.last_seen,
-            h.local_ip = host.local_ip,
-            h.external_ip = host.external_ip,
-            h.cpu_signature = host.cpu_signature,
-            h.bios_manufacturer = host.bios_manufacturer,
-            h.bios_version = host.bios_version,
-            h.mac_address = host.mac_address,
-            h.os_version = host.os_version,
-            h.os_build = host.os_build,
-            h.platform_id = host.platform_id,
-            h.platform_name = host.platform_name,
-            h.service_provider = host.service_provider,
-            h.service_provider_account_id = host.service_provider_account_id,
-            h.agent_version = host.agent_version,
-            h.system_manufacturer = host.system_manufacturer,
-            h.system_product_name = host.system_product_name,
-            h.product_type = host.product_type,
-            h.product_type_desc = host.product_type_desc,
-            h.provision_status = host.provision_status,
-            h.reduced_functionality_mode = host.reduced_functionality_mode,
-            h.kernel_version = host.kernel_version,
-            h.major_version = host.major_version,
-            h.minor_version = host.minor_version,
-            h.tags = host.tags,
-            h.modified_timestamp = host.modified_timestamp,
-            h.lastupdated = $update_tag
+    Load Crowdstrike host data into Neo4j.
     """
     logger.info(f"Loading {len(data)} crowdstrike hosts.")
-    neo4j_session.run(
-        ingestion_cypher_query,
-        Hosts=data,
-        update_tag=update_tag,
+    load(
+        neo4j_session,
+        CrowdstrikeHostSchema(),
+        data,
+        lastupdated=update_tag,
     )
 
 
-def get_host_ids(client: Hosts, crowdstrikeapi_filter: str = '', crowdstrikeapi_limit: int = 5000) -> List[List[str]]:
+def get_host_ids(
+    client: Hosts,
+    crowdstrikeapi_filter: str = "",
+    crowdstrikeapi_limit: int = 5000,
+) -> List[List[str]]:
     ids = []
     parameters = {"filter": crowdstrikeapi_filter, "limit": crowdstrikeapi_limit}
     response = client.QueryDevicesByFilter(parameters=parameters)

cartography/intel/crowdstrike/spotlight.py

@@ -6,6 +6,7 @@ import neo4j
 from falconpy.oauth2 import OAuth2
 from falconpy.spotlight_vulnerabilities import Spotlight_Vulnerabilities
 
+from cartography.client.core.tx import run_write_query
 from cartography.util import timeit
 
 logger = logging.getLogger(__name__)
@@ -25,7 +26,9 @@ def sync_vulnerabilities(
 
 
 def load_vulnerability_data(
-    neo4j_session: neo4j.Session, data: List[Dict], update_tag: int,
+    neo4j_session: neo4j.Session,
+    data: List[Dict],
+    update_tag: int,
 ) -> None:
     """
     Transform and load scan information
@@ -77,7 +80,8 @@ def load_vulnerability_data(
             cves.append(cve)
         vuln["host_info_local_ip"] = item.get("host_info", {}).get("local_ip")
         vulns.append(vuln)
-    neo4j_session.run(
+    run_write_query(
+        neo4j_session,
         ingestion_cypher_query,
         Vulnerabilities=vulns,
         update_tag=update_tag,
@@ -104,14 +108,17 @@ def _load_cves(neo4j_session: neo4j.Session, data: List[Dict], update_tag: int)
         ON CREATE SET hc.firstseen = timestamp()
         SET hc.lastupdated = $update_tag
     """
-    neo4j_session.run(
+    run_write_query(
+        neo4j_session,
         ingestion_cypher_query,
         cves=data,
         update_tag=update_tag,
     )
 
 
-def get_spotlight_vulnerability_ids(client: Spotlight_Vulnerabilities) -> List[List[str]]:
+def get_spotlight_vulnerability_ids(
+    client: Spotlight_Vulnerabilities,
+) -> List[List[str]]:
     ids = []
     parameters = {"filter": 'status:!"closed"', "limit": 400}
     response = client.queryVulnerabilities(parameters=parameters)
@@ -135,7 +142,8 @@ def get_spotlight_vulnerability_ids(client: Spotlight_Vulnerabilities) -> List[L
 
 
 def get_spotlight_vulnerabilities(
-    client: Spotlight_Vulnerabilities, ids: List[str],
+    client: Spotlight_Vulnerabilities,
+    ids: List[str],
 ) -> List[Dict]:
     response = client.getVulnerabilities(ids=",".join(ids))
     body = response.get("body", {})

cartography/intel/cve/__init__.py

@@ -2,6 +2,9 @@ import logging
 from datetime import datetime
 
 import neo4j
+from requests import Session
+from requests.adapters import HTTPAdapter
+from urllib3 import Retry
 
 from cartography.config import Config
 from cartography.intel.cve import feed
@@ -13,56 +16,118 @@ logger = logging.getLogger(__name__)
 stat_handler = get_stats_client(__name__)
 
 
-@timeit
-def start_cve_ingestion(
-    neo4j_session: neo4j.Session, config: Config,
-) -> None:
-    """
-    Perform ingestion of CVE data from NIST APIs.
-    :param neo4j_session: Neo4J session for database interface
-    :param config: A cartography.config object
-    :return: None
-    """
-    if not config.cve_enabled:
-        return
-    cve_api_key = config.cve_api_key if config.cve_api_key else None
+def _retryable_session() -> Session:
+    session = Session()
+    retry_policy = Retry(
+        total=8,
+        connect=1,
+        backoff_factor=1,
+        status_forcelist=[429, 500, 502, 503, 504],
+        allowed_methods=["GET"],
+    )
+    session.mount("https://", HTTPAdapter(max_retries=retry_policy))
+    logger.info(f"Configured session with retry policy: {retry_policy}")
+    return session
+
 
-    # sync CVE year archives, if not yet synced
+def _sync_year_archives(
+    http_session: Session,
+    neo4j_session: neo4j.Session,
+    config: Config,
+    cve_api_key: str | None,
+) -> None:
     existing_years = feed.get_cve_sync_metadata(neo4j_session)
     current_year = datetime.now().year
-    for year in range(2002, current_year + 1):
+    logger.info(
+        f"Syncing CVE data for year archives. Existing years: {existing_years}. Current year: {current_year}",
+    )
+    for year in range(1999, current_year + 1):
         if year in existing_years:
             continue
         logger.info(f"Syncing CVE data for year {year}")
-        cves = feed.get_published_cves_per_year(config.nist_cve_url, str(year), cve_api_key)
+        cves = feed.get_published_cves_per_year(
+            http_session,
+            config.nist_cve_url,
+            str(year),
+            cve_api_key,
+        )
         feed_metadata = feed.transform_cve_feed(cves)
         feed.load_cve_feed(neo4j_session, [feed_metadata], config.update_tag)
         published_cves = feed.transform_cves(cves)
-        feed.load_cves(neo4j_session, published_cves, feed_metadata['FEED_ID'], config.update_tag)
+        feed.load_cves(
+            neo4j_session,
+            published_cves,
+            feed_metadata["FEED_ID"],
+            config.update_tag,
+        )
         merge_module_sync_metadata(
             neo4j_session,
-            group_type='CVE',
+            group_type="CVE",
             group_id=year,
-            synced_type='year',
+            synced_type="year",
             update_tag=config.update_tag,
             stat_handler=stat_handler,
         )
 
-    # sync modified data
+
+def _sync_modified_data(
+    http_session: Session,
+    neo4j_session: neo4j.Session,
+    config: Config,
+    cve_api_key: str | None,
+) -> None:
     logger.info("Syncing CVE data for modified data")
     last_modified_date = feed.get_last_modified_cve_date(neo4j_session)
-    cves = feed.get_modified_cves(config.nist_cve_url, last_modified_date, cve_api_key)
+    cves = feed.get_modified_cves(
+        http_session,
+        config.nist_cve_url,
+        last_modified_date,
+        cve_api_key,
+    )
     feed_metadata = feed.transform_cve_feed(cves)
     feed.load_cve_feed(neo4j_session, [feed_metadata], config.update_tag)
     modified_cves = feed.transform_cves(cves)
-    feed.load_cves(neo4j_session, modified_cves, feed_metadata['FEED_ID'], config.update_tag)
+    feed.load_cves(
+        neo4j_session,
+        modified_cves,
+        feed_metadata["FEED_ID"],
+        config.update_tag,
+    )
     merge_module_sync_metadata(
         neo4j_session,
-        group_type='CVE',
-        group_id=feed_metadata['timestamp'][:4],
-        synced_type='modified',
+        group_type="CVE",
+        group_id=feed_metadata["timestamp"][:4],
+        synced_type="modified",
         update_tag=config.update_tag,
         stat_handler=stat_handler,
     )
 
-    # CVEs are never deleted, so we don't need to run a cleanup job
+
+@timeit
+def start_cve_ingestion(
+    neo4j_session: neo4j.Session,
+    config: Config,
+) -> None:
+    """
+    Perform ingestion of CVE data from NIST APIs.
+    :param neo4j_session: Neo4J session for database interface
+    :param config: A cartography.config object
+    :return: None
+    """
+    if not config.cve_enabled:
+        return
+    cve_api_key: str | None = config.cve_api_key if config.cve_api_key else None
+    with _retryable_session() as http_session:
+        _sync_year_archives(
+            http_session,
+            neo4j_session=neo4j_session,
+            config=config,
+            cve_api_key=cve_api_key,
+        )
+        _sync_modified_data(
+            http_session,
+            neo4j_session=neo4j_session,
+            config=config,
+            cve_api_key=cve_api_key,
+        )
+        # CVEs are never deleted, so we don't need to run a cleanup job

cartography/intel/cve/feed.py

@@ -11,7 +11,7 @@ from typing import List
 from typing import Optional
 
 import neo4j
-import requests
+from requests import Session
 
 from cartography.client.core.tx import load
 from cartography.client.core.tx import read_list_of_values_tx
@@ -22,9 +22,8 @@ from cartography.util import timeit
 
 logger = logging.getLogger(__name__)
 
-MAX_RETRIES = 3
-# Connect and read timeouts of 60 seconds each; see https://requests.readthedocs.io/en/master/user/advanced/#timeouts
-CONNECT_AND_READ_TIMEOUT = (60, 60)
+# Connect and read timeouts of 120 seconds each; see https://requests.readthedocs.io/en/master/user/advanced/#timeouts
+CONNECT_AND_READ_TIMEOUT = (30, 120)
 CVE_FEED_ID = "NIST_NVD"
 BATCH_SIZE_DAYS = 120
 RESULTS_PER_PAGE = 2000
@@ -52,7 +51,10 @@ def get_last_modified_cve_date(neo4j_session: neo4j.Session) -> str:
     ORDER BY last_modified DESC
     LIMIT 1
     """
-    result = cast(neo4j.time.DateTime, read_single_value_tx(neo4j_session, query)).to_native()
+    result = cast(
+        neo4j.time.DateTime,
+        read_single_value_tx(neo4j_session, query),
+    ).to_native()
     return result.strftime("%Y-%m-%dT%H:%M:%S")
 
 
@@ -62,59 +64,58 @@ def _map_cve_dict(cve_dict: Dict[Any, Any], data: Dict[Any, Any]) -> None:
     cve_dict["timestamp"] = data["timestamp"]
     cve_dict["totalResults"] = data["totalResults"]
     cve_dict["vulnerabilities"] = cve_dict.get("vulnerabilities", []) + data.get(
-        "vulnerabilities", [],
+        "vulnerabilities",
+        [],
     )
     cve_dict["resultsPerPage"] = data["resultsPerPage"]
     cve_dict["startIndex"] = data["startIndex"]
 
 
-def _call_cves_api(url: str, api_key: str, params: Dict[str, Any]) -> Dict[Any, Any]:
-    totalResults = 0
-    sleep_time = DEFAULT_SLEEP_TIME
-    retries = 0
+def _call_cves_api(
+    http_session: Session,
+    url: str,
+    api_key: str | None,
+    params: Dict[str, Any],
+) -> Dict[Any, Any]:
+    total_results = 0
     params["startIndex"] = 0
     params["resultsPerPage"] = RESULTS_PER_PAGE
-    headers = {}
-    headers["Content-Type"] = "application/json"
+    headers = {"Content-Type": "application/json"}
     if api_key:
+        sleep_between_requests = DEFAULT_SLEEP_TIME
         headers["apiKey"] = api_key
     else:
-        sleep_time = DELAYED_SLEEP_TIME  # Sleep for 6 seconds between each request to avoid rate limiting
+        sleep_between_requests = DELAYED_SLEEP_TIME
         logger.warning(
-            f"No NIST NVD API key provided. Increasing sleep time to {sleep_time}.",
+            f"No NIST NVD API key provided. Increasing sleep time to {sleep_between_requests}.",
         )
     results: Dict[Any, Any] = dict()
 
-    while params["resultsPerPage"] > 0 or params["startIndex"] < totalResults:
-        try:
-            res = requests.get(
-                url, params=params, headers=headers, timeout=CONNECT_AND_READ_TIMEOUT,
-            )
-            res.raise_for_status()
-        except requests.exceptions.HTTPError:
-            logger.error(
-                f"Failed to get CVE data from NIST NVD API {res.status_code} : {res.text}",
-            )
-            retries += 1
-            if retries >= MAX_RETRIES:
-                raise
-            continue
+    while params["resultsPerPage"] > 0 or params["startIndex"] < total_results:
+        logger.info(f"Calling NIST NVD API at {url} with params {params}")
+        res = http_session.get(
+            url,
+            params=params,
+            headers=headers,
+            timeout=CONNECT_AND_READ_TIMEOUT,
+        )
+        res.raise_for_status()
         data = res.json()
         _map_cve_dict(results, data)
-        totalResults = data["totalResults"]
+        total_results = data["totalResults"]
         params["resultsPerPage"] = data["resultsPerPage"]
         params["startIndex"] += data["resultsPerPage"]
-        retries = 0
-        time.sleep(sleep_time)
+        time.sleep(sleep_between_requests)
     return results
 
 
 def get_cves_in_batches(
+    http_session: Session,
     nist_cve_url: str,
     start_date: datetime,
     end_date: datetime,
     date_param_names: Dict[str, str],
-    api_key: str,
+    api_key: str | None,
 ) -> Dict[Any, Any]:
     cves: Dict[Any, Any] = dict()
     current_start_date: datetime = start_date
@@ -142,7 +143,7 @@ def get_cves_in_batches(
         logger.info(
             f"Querying CVE data between {current_start_date} and {current_end_date}",
         )
-        batch_cves = _call_cves_api(nist_cve_url, api_key, params)
+        batch_cves = _call_cves_api(http_session, nist_cve_url, api_key, params)
         _map_cve_dict(cves, batch_cves)
         current_start_date = current_end_date
         new_end_date = current_start_date + batch_size
@@ -153,9 +154,11 @@ def get_cves_in_batches(
 
 
 def get_modified_cves(
-    nist_cve_url: str, last_modified_date: str, api_key: str,
+    http_session: Session,
+    nist_cve_url: str,
+    last_modified_date: str,
+    api_key: str | None,
 ) -> Dict[Any, Any]:
-    cves = dict()
     end_date = datetime.now(tz=timezone.utc)
     start_date = datetime.strptime(last_modified_date, "%Y-%m-%dT%H:%M:%S").replace(
         tzinfo=timezone.utc,
@@ -165,15 +168,22 @@ def get_modified_cves(
         "end": "lastModEndDate",
     }
     cves = get_cves_in_batches(
-        nist_cve_url, start_date, end_date, date_param_names, api_key,
+        http_session,
+        nist_cve_url,
+        start_date,
+        end_date,
+        date_param_names,
+        api_key,
     )
     return cves
 
 
 def get_published_cves_per_year(
-    nist_cve_url: str, year: str, api_key: str,
+    http_session: Session,
+    nist_cve_url: str,
+    year: str,
+    api_key: str | None,
 ) -> Dict[Any, Any]:
-    cves = {}
     start_of_year = datetime.strptime(f"{year}-01-01", "%Y-%m-%d")
     next_year = int(year) + 1
     end_of_next_year = datetime.strptime(f"{next_year}-01-01", "%Y-%m-%d")
@@ -182,7 +192,12 @@ def get_published_cves_per_year(
         "end": "pubEndDate",
     }
     cves = get_cves_in_batches(
-        nist_cve_url, start_of_year, end_of_next_year, date_param_names, api_key,
+        http_session,
+        nist_cve_url,
+        start_of_year,
+        end_of_next_year,
+        date_param_names,
+        api_key,
     )
     return cves
 
@@ -213,9 +228,13 @@ def transform_cves(cve_json: Dict[Any, Any]) -> List[Dict[Any, Any]]:
             ]
             cve["references_urls"] = [url["url"] for url in cve["references"]]
             if cve.get("weaknesses"):
-                weakness_descriptions = [weakness["description"] for weakness in cve["weaknesses"]]
+                weakness_descriptions = [
+                    weakness["description"] for weakness in cve["weaknesses"]
+                ]
                 weakness_descriptions = reduce(
-                    lambda x, y: x + y, weakness_descriptions, [],
+                    lambda x, y: x + y,
+                    weakness_descriptions,
+                    [],
                 )
                 cve["weaknesses"] = [
                     description["value"]
@@ -227,21 +246,21 @@ def transform_cves(cve_json: Dict[Any, Any]) -> List[Dict[Any, Any]]:
             if cvss31:
                 cvss31.update(cvss31["cvssData"])
                 cvss31.pop("cvssData")
-                cve["vectorString"] = cvss31["vectorString"]
-                cve["attackVector"] = cvss31["attackVector"]
-                cve["attackComplexity"] = cvss31["attackComplexity"]
-                cve["privilegesRequired"] = cvss31["privilegesRequired"]
-                cve["userInteraction"] = cvss31["userInteraction"]
-                cve["scope"] = cvss31["scope"]
-                cve["confidentialityImpact"] = cvss31["confidentialityImpact"]
-                cve["integrityImpact"] = cvss31["integrityImpact"]
-                cve["availabilityImpact"] = cvss31["availabilityImpact"]
-                cve["baseScore"] = cvss31["baseScore"]
-                cve["baseSeverity"] = cvss31["baseSeverity"]
-                cve["exploitabilityScore"] = cvss31["exploitabilityScore"]
-                cve["impactScore"] = cvss31["impactScore"]
+                cve["vectorString"] = cvss31.get("vectorString")
+                cve["attackVector"] = cvss31.get("attackVector")
+                cve["attackComplexity"] = cvss31.get("attackComplexity")
+                cve["privilegesRequired"] = cvss31.get("privilegesRequired")
+                cve["userInteraction"] = cvss31.get("userInteraction")
+                cve["scope"] = cvss31.get("scope")
+                cve["confidentialityImpact"] = cvss31.get("confidentialityImpact")
+                cve["integrityImpact"] = cvss31.get("integrityImpact")
+                cve["availabilityImpact"] = cvss31.get("availabilityImpact")
+                cve["baseScore"] = cvss31.get("baseScore")
+                cve["baseSeverity"] = cvss31.get("baseSeverity")
+                cve["exploitabilityScore"] = cvss31.get("exploitabilityScore")
+                cve["impactScore"] = cvss31.get("impactScore")
         except Exception:
-            logger.error("Failed to transform CVE data {data}")
+            logger.error(f"Failed to transform CVE data {data}")
             raise
         cves.append(cve)
     return cves
@@ -280,7 +299,9 @@ def load_cves(
 
 
 def load_cve_feed(
-    neo4j_session: neo4j.Session, data: List[Dict[str, Any]], update_tag: int,
+    neo4j_session: neo4j.Session,
+    data: List[Dict[str, Any]],
+    update_tag: int,
 ) -> None:
     """
     Load CVE feed information

cartography/intel/digitalocean/__init__.py

@@ -9,7 +9,6 @@ from cartography.intel.digitalocean import management
 from cartography.intel.digitalocean import platform
 from cartography.util import timeit
 
-
 logger = logging.getLogger(__name__)
 
 
@@ -23,7 +22,9 @@ def start_digitalocean_ingestion(neo4j_session: neo4j.Session, config: Config) -
     """
 
     if not config.digitalocean_token:
-        logger.info('DigitalOcean import is not configured - skipping this module. See docs to configure.')
+        logger.info(
+            "DigitalOcean import is not configured - skipping this module. See docs to configure.",
+        )
         return
 
     common_job_parameters = {
@@ -31,14 +32,22 @@ def start_digitalocean_ingestion(neo4j_session: neo4j.Session, config: Config) -
     }
     manager = Manager(token=config.digitalocean_token)
 
-    """
-    Get Account ID related to this credentials and pass it along in `common_job_parameters` to avoid cleaning up other
-    accounts resources
-    """
-    account = manager.get_account()
-    common_job_parameters["DO_ACCOUNT_ID"] = account.uuid
-
-    platform.sync(neo4j_session, account, config.update_tag, common_job_parameters)
-    project_resources = management.sync(neo4j_session, manager, config.update_tag, common_job_parameters)
-    compute.sync(neo4j_session, manager, project_resources, config.update_tag, common_job_parameters)
-    return
+    account_id = platform.sync(
+        neo4j_session, manager, config.update_tag, common_job_parameters
+    )
+    common_job_parameters["ACCOUNT_ID"] = str(account_id)
+    projects_resources = management.sync(
+        neo4j_session,
+        manager,
+        account_id,
+        config.update_tag,
+        common_job_parameters,
+    )
+    compute.sync(
+        neo4j_session,
+        manager,
+        account_id,
+        projects_resources,
+        config.update_tag,
+        common_job_parameters,
+    )