Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@cloudgraph/cg-provider-azure
Advanced tools
CloudGraph provider plugin for Azure used to fetch Azure cloud data.
Scan cloud infrastructure via the Azure SDK
💻 Full CloudGraph Documentation Including Azure Examples
Install the aws provider in CloudGraph
cg init azure
Authenticate the CloudGraph Azure Provider any of the following ways:
CloudGraph needs read permissions in order to ingest your data. To keep things easy you can use the same permissions that we use internally when we run CloudGraph to power AutoCloud. Here are the Azure Docs for generating the correct Service Principal with a Client Secret (feel free to leave out AutoCloud specific configuration).
Service | Relations |
---|---|
disk | resourceGroup, virtualMachine |
dns | resourceGroup |
firewall | publicIp, virtualNetwork |
functionApp | resourceGroup |
keyVault | resourceGroup |
networkInterface | publicIp, resourceGroup, securityGroup, virtualMachine, virtualNetwork |
policyAssigment | |
publicIp | networkInterface, resourceGroup |
resourceGroup | all services |
securityAssessments | |
securityGroup | networkInterface, resourceGroup |
securityPricings | |
securitySettings | |
storageAccount | resourceGroup, storageContainer |
storageContainer | resourceGroup, storageAccount |
virtualMachine | disk, networkInterface, resourceGroup, virtualNetwork |
virtualNetwork | networkInterface, resourceGroup virtualMachine |
Install all the dependencies:
yarn
Generate types and compile:
yarn build
FAQs
CloudGraph provider plugin for Azure used to fetch Azure cloud data.
The npm package @cloudgraph/cg-provider-azure receives a total of 4 weekly downloads. As such, @cloudgraph/cg-provider-azure popularity was classified as not popular.
We found that @cloudgraph/cg-provider-azure demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.