Skip to content
This repository has been archived by the owner on Jun 25, 2024. It is now read-only.

Initial network ingestion #30

Merged
merged 5 commits into from
Oct 5, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions docs/jupiterone.md
Original file line number Diff line number Diff line change
Expand Up @@ -70,22 +70,33 @@ The following entities are created:
| Cloud Function | `google_cloud_function` | `Function` |
| Cloud Storage Bucket | `google_storage_bucket` | `DataStore` |
| Compute Disk | `google_compute_disk` | `DataStore`, `Disk` |
| Compute Firewalls | `google_compute_firewall` | `Firewall` |
| Compute Instance | `google_compute_instance` | `Host` |
| Compute Networks | `google_compute_network` | `Network` |
| Compute Subnetwork | `google_compute_subnetwork` | `Network` |
| IAM Role | `google_iam_role` | `AccessRole` |
| IAM Service Account | `google_iam_service_account` | `User` |
| IAM Service Account Key | `google_iam_service_account_key` | `AccessKey` |
| IAM User | `google_user` | `User` |
| KMS Crypto Key | `google_kms_crypto_key` | `Key`, `CryptoKey` |
| KMS Key Ring | `google_kms_key_ring` | `Vault` |

### Relationships

The following relationships are created/mapped:

| Source Entity `_type` | Relationship `_class` | Target Entity `_type` |
| ---------------------------- | --------------------- | -------------------------------- |
| `internet` | **ALLOWS** | `google_compute_firewall` |
| `google_compute_firewall` | **PROTECTS** | `google_compute_network` |
| `google_compute_instance` | **TRUSTS** | `google_iam_service_account` |
| `google_compute_instance` | **USES** | `google_compute_disk` |
| `google_compute_network` | **CONTAINS** | `google_compute_subnetwork` |
| `google_compute_network` | **HAS** | `google_compute_firewall` |
| `google_compute_subnetwork` | **HAS** | `google_compute_instance` |
| `google_iam_service_account` | **ASSIGNED** | `google_iam_role` |
| `google_iam_service_account` | **HAS** | `google_iam_service_account_key` |
| `google_kms_key_ring` | **HAS** | `google_kms_crypto_key` |
| `google_user` | **ASSIGNED** | `google_iam_role` |

<!--
Expand Down
8 changes: 4 additions & 4 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -27,12 +27,12 @@
"create-env-file": "yarn ts-node ./scripts/createEnvFile $1"
},
"peerDependencies": {
"@jupiterone/integration-sdk-core": "^3.2.0"
"@jupiterone/integration-sdk-core": "^3.5.1"
},
"devDependencies": {
"@jupiterone/integration-sdk-core": "^3.2.0",
"@jupiterone/integration-sdk-dev-tools": "^3.2.0",
"@jupiterone/integration-sdk-testing": "^3.2.0",
"@jupiterone/integration-sdk-core": "^3.5.1",
"@jupiterone/integration-sdk-dev-tools": "^3.5.1",
"@jupiterone/integration-sdk-testing": "^3.5.1",
"dotenv": "^8.2.0",
"ts-node": "^8.10.2"
},
Expand Down
14 changes: 13 additions & 1 deletion src/getStepStartStates.ts
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,14 @@ import { STEP_API_SERVICES } from './steps/service-usage';
import { deserializeIntegrationConfig } from './utils/integrationConfig';
import { STEP_IAM_ROLES, STEP_IAM_SERVICE_ACCOUNTS } from './steps/iam';
import { STEP_RESOURCE_MANAGER_IAM_POLICY } from './steps/resource-manager';
import { STEP_COMPUTE_INSTANCES, STEP_COMPUTE_DISKS } from './steps/compute';
import {
STEP_COMPUTE_INSTANCES,
STEP_COMPUTE_DISKS,
STEP_COMPUTE_NETWORKS,
STEP_COMPUTE_SUBNETWORKS,
STEP_COMPUTE_FIREWALLS,
} from './steps/compute';
import { STEP_CLOUD_KMS_KEYS, STEP_CLOUD_KMS_KEY_RINGS } from './steps/kms';

async function getEnabledServiceNames(
config: IntegrationConfig,
Expand Down Expand Up @@ -91,6 +98,11 @@ export default async function getStepStartStates(
ServiceUsageName.RESOURCE_MANAGER,
),
[STEP_COMPUTE_DISKS]: createStepStartState(ServiceUsageName.COMPUTE),
[STEP_COMPUTE_NETWORKS]: createStepStartState(ServiceUsageName.COMPUTE),
[STEP_COMPUTE_FIREWALLS]: createStepStartState(ServiceUsageName.COMPUTE),
[STEP_COMPUTE_SUBNETWORKS]: createStepStartState(ServiceUsageName.COMPUTE),
[STEP_COMPUTE_INSTANCES]: createStepStartState(ServiceUsageName.COMPUTE),
[STEP_CLOUD_KMS_KEY_RINGS]: createStepStartState(ServiceUsageName.KMS),
[STEP_CLOUD_KMS_KEYS]: createStepStartState(ServiceUsageName.KMS),
};
}
11 changes: 11 additions & 0 deletions src/google-cloud/regions.ts
Original file line number Diff line number Diff line change
Expand Up @@ -121,3 +121,14 @@ export async function iterateRegionZones(
}
}
}

/**
* Example:
*
* Input: 'https://www.googleapis.com/compute/v1/projects/j1-gc-integration-dev/regions/asia-southeast1'
* Output: 'asia-southeast1'
*/
export function parseRegionNameFromRegionUrl(regionUrl: string) {
const parts = regionUrl.split('/');
return parts[parts.length - 1];
}
1 change: 1 addition & 0 deletions src/google-cloud/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,5 @@ export enum ServiceUsageName {
IAM = 'iam.googleapis.com',
RESOURCE_MANAGER = 'cloudresourcemanager.googleapis.com',
COMPUTE = 'compute.googleapis.com',
KMS = 'cloudkms.googleapis.com',
}
24 changes: 23 additions & 1 deletion src/index.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,14 @@ import { STEP_API_SERVICES } from './steps/service-usage';
import { parseServiceAccountKeyFile } from './utils/parseServiceAccountKeyFile';
import { STEP_IAM_ROLES, STEP_IAM_SERVICE_ACCOUNTS } from './steps/iam';
import { STEP_RESOURCE_MANAGER_IAM_POLICY } from './steps/resource-manager';
import { STEP_COMPUTE_DISKS, STEP_COMPUTE_INSTANCES } from './steps/compute';
import {
STEP_COMPUTE_DISKS,
STEP_COMPUTE_FIREWALLS,
STEP_COMPUTE_INSTANCES,
STEP_COMPUTE_NETWORKS,
STEP_COMPUTE_SUBNETWORKS,
} from './steps/compute';
import { STEP_CLOUD_KMS_KEYS, STEP_CLOUD_KMS_KEY_RINGS } from './steps/kms';

interface ValidateInvocationInvalidConfigTestParams {
instanceConfig?: Partial<IntegrationConfig>;
Expand Down Expand Up @@ -109,6 +116,21 @@ describe('#getStepStartStates success', () => {
[STEP_COMPUTE_INSTANCES]: {
disabled: false,
},
[STEP_COMPUTE_NETWORKS]: {
disabled: false,
},
[STEP_COMPUTE_SUBNETWORKS]: {
disabled: false,
},
[STEP_COMPUTE_FIREWALLS]: {
disabled: false,
},
[STEP_CLOUD_KMS_KEY_RINGS]: {
disabled: false,
},
[STEP_CLOUD_KMS_KEYS]: {
disabled: false,
},
};

expect(stepStartStates).toEqual(expectedStepStartStates);
Expand Down
2 changes: 2 additions & 0 deletions src/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import { serviceUsageSteps } from './steps/service-usage';
import { iamSteps } from './steps/iam';
import { resourceManagerSteps } from './steps/resource-manager';
import { computeSteps } from './steps/compute';
import { kmsSteps } from './steps/kms';

export const invocationConfig: IntegrationInvocationConfig<IntegrationConfig> = {
instanceConfigFields: {
Expand All @@ -23,5 +24,6 @@ export const invocationConfig: IntegrationInvocationConfig<IntegrationConfig> =
...iamSteps,
...resourceManagerSteps,
...computeSteps,
...kmsSteps,
],
};
Loading