@jupiterone/graph-google-cloud
Advanced tools
Comparing version 0.1.0 to 0.2.0
@@ -11,2 +11,22 @@ # Changelog | ||
## 0.2.0 - 2020-08-11 | ||
### Added | ||
- Ingest IAM roles as `google_iam_role` | ||
- Ingest IAM service accounts as `google_iam_service_account` | ||
- Ingest IAM service account keys as `google_iam_service_account_key` and build | ||
`HAS` relationship between `google_iam_service_account` and | ||
`google_iam_service_account_key`. | ||
- Ingest `google_user` | ||
- Build `ASSIGNED` relationship between `google_user` and `google_iam_role` | ||
- Fixes #10 - Build `ASSIGNED` relationship between `google_iam_service_account` | ||
and `google_iam_role` | ||
### Updated | ||
- Fixes #11 - Update all existing entity keys to not include the `_type` prefix | ||
- Fixes #31 - Make `_type` naming convention consistent with G Suite integration | ||
for `google_user` and the rest with Google Cloud Terraform provider. | ||
## 0.1.0 - 2020-08-04 | ||
@@ -35,4 +55,4 @@ | ||
- Ingestion of `google_cloud_function` | ||
- Ingestion of `google_cloud_storage_bucket` | ||
- Ingestion of `google_storage_bucket` | ||
- Ingestion of `google_cloud_api_service` | ||
- Integration setup documentation |
@@ -10,6 +10,12 @@ "use strict"; | ||
const integrationConfig_1 = require("./utils/integrationConfig"); | ||
const iam_1 = require("./steps/iam"); | ||
const resource_manager_1 = require("./steps/resource-manager"); | ||
async function getEnabledServiceNames(config) { | ||
const client = new client_1.ServiceUsageClient({ config }); | ||
const enabledServices = await client.collectEnabledServices(); | ||
return enabledServices.map((v) => v.name); | ||
return enabledServices.map((v) => { | ||
// Each value looks like this: `projects/PROJ_ID_NUM/services/appengine.googleapis.com` | ||
const serviceParts = v.name.split('/'); | ||
return serviceParts[serviceParts.length - 1]; | ||
}); | ||
} | ||
@@ -40,15 +46,17 @@ function validateInvocationConfig(context) { | ||
} | ||
const createStepStartState = (serviceName) => { | ||
return { | ||
disabled: !enabledServiceNames.includes(serviceName), | ||
}; | ||
}; | ||
return { | ||
[service_usage_1.STEP_API_SERVICES]: { | ||
// This API will be enabled otherwise fetching services names above would fail | ||
disabled: false, | ||
}, | ||
[functions_1.STEP_CLOUD_FUNCTIONS]: { | ||
disabled: enabledServiceNames.includes(types_1.ServiceUsageName.CLOUD_FUNCTIONS), | ||
}, | ||
[storage_1.STEP_CLOUD_STORAGE_BUCKETS]: { | ||
disabled: enabledServiceNames.includes(types_1.ServiceUsageName.STORAGE), | ||
}, | ||
// This API will be enabled otherwise fetching services names above would fail | ||
[service_usage_1.STEP_API_SERVICES]: { disabled: false }, | ||
[functions_1.STEP_CLOUD_FUNCTIONS]: createStepStartState(types_1.ServiceUsageName.CLOUD_FUNCTIONS), | ||
[storage_1.STEP_CLOUD_STORAGE_BUCKETS]: createStepStartState(types_1.ServiceUsageName.STORAGE), | ||
[iam_1.STEP_IAM_ROLES]: createStepStartState(types_1.ServiceUsageName.IAM), | ||
[iam_1.STEP_IAM_SERVICE_ACCOUNTS]: createStepStartState(types_1.ServiceUsageName.IAM), | ||
[resource_manager_1.STEP_RESOURCE_MANAGER_IAM_POLICY]: createStepStartState(types_1.ServiceUsageName.RESOURCE_MANAGER), | ||
}; | ||
} | ||
exports.default = getStepStartStates; |
@@ -8,3 +8,5 @@ export declare enum ServiceUsageListFilter { | ||
STORAGE = "storage.googleapis.com", | ||
SERVICE_USAGE = "serviceusage.googleapis.com" | ||
SERVICE_USAGE = "serviceusage.googleapis.com", | ||
IAM = "iam.googleapis.com", | ||
RESOURCE_MANAGER = "cloudresourcemanager.googleapis.com" | ||
} |
@@ -14,2 +14,4 @@ "use strict"; | ||
ServiceUsageName["SERVICE_USAGE"] = "serviceusage.googleapis.com"; | ||
ServiceUsageName["IAM"] = "iam.googleapis.com"; | ||
ServiceUsageName["RESOURCE_MANAGER"] = "cloudresourcemanager.googleapis.com"; | ||
})(ServiceUsageName = exports.ServiceUsageName || (exports.ServiceUsageName = {})); |
@@ -11,2 +11,4 @@ "use strict"; | ||
const service_usage_1 = require("./steps/service-usage"); | ||
const iam_1 = require("./steps/iam"); | ||
const resource_manager_1 = require("./steps/resource-manager"); | ||
exports.invocationConfig = { | ||
@@ -20,3 +22,9 @@ instanceConfigFields: { | ||
getStepStartStates: getStepStartStates_1.default, | ||
integrationSteps: [...functions_1.functionsSteps, ...storage_1.storageSteps, ...service_usage_1.serviceUsageSteps], | ||
integrationSteps: [ | ||
...functions_1.functionsSteps, | ||
...storage_1.storageSteps, | ||
...service_usage_1.serviceUsageSteps, | ||
...iam_1.iamSteps, | ||
...resource_manager_1.resourceManagerSteps, | ||
], | ||
}; |
@@ -6,3 +6,2 @@ "use strict"; | ||
const constants_1 = require("./constants"); | ||
const generateKeys_1 = require("../../utils/generateKeys"); | ||
function createCloudFunctionEntity(cloudFunction) { | ||
@@ -15,6 +14,3 @@ return integration_sdk_core_1.createIntegrationEntity({ | ||
_type: constants_1.CLOUD_FUNCTION_ENTITY_TYPE, | ||
_key: generateKeys_1.generateEntityKey({ | ||
type: constants_1.CLOUD_FUNCTION_ENTITY_TYPE, | ||
id: cloudFunction.name, | ||
}), | ||
_key: cloudFunction.name, | ||
name: cloudFunction.name, | ||
@@ -21,0 +17,0 @@ displayName: cloudFunction.name, |
@@ -21,3 +21,5 @@ "use strict"; | ||
const client = new client_1.CloudFunctionsClient({ config: context.instance.config }); | ||
await client.iterateCloudFunctions(async (cloudFunction) => await jobState.addEntity(converters_1.createCloudFunctionEntity(cloudFunction))); | ||
await client.iterateCloudFunctions(async (cloudFunction) => { | ||
await jobState.addEntity(converters_1.createCloudFunctionEntity(cloudFunction)); | ||
}); | ||
} | ||
@@ -24,0 +26,0 @@ exports.fetchCloudFunctions = fetchCloudFunctions; |
@@ -7,4 +7,4 @@ import { Client } from '../../google-cloud/client'; | ||
iterateServices(callback: (data: serviceusage_v1.Schema$GoogleApiServiceusageV1Service) => Promise<void>, paramOverrides?: serviceusage_v1.Params$Resource$Services$List): Promise<void>; | ||
iterateEnabledServices(callback: (data: serviceusage_v1.Schema$GoogleApiServiceusageV1Service) => Promise<void>): Promise<void>; | ||
iterateEnabledServices(callback: (data: serviceusage_v1.Schema$GoogleApiServiceusageV1Service) => void | Promise<void>): Promise<void>; | ||
collectEnabledServices(): Promise<serviceusage_v1.Schema$GoogleApiServiceusageV1Service[]>; | ||
} |
@@ -32,3 +32,5 @@ "use strict"; | ||
async iterateEnabledServices(callback) { | ||
return this.iterateServices(callback, { | ||
return this.iterateServices(async (result) => { | ||
await callback(result); | ||
}, { | ||
filter: types_1.ServiceUsageListFilter.ENABLED, | ||
@@ -39,3 +41,3 @@ }); | ||
const enabledServices = []; | ||
await this.iterateEnabledServices(async (data) => { | ||
await this.iterateEnabledServices((data) => { | ||
enabledServices.push(data); | ||
@@ -42,0 +44,0 @@ }); |
@@ -6,3 +6,2 @@ "use strict"; | ||
const constants_1 = require("./constants"); | ||
const generateKeys_1 = require("../../utils/generateKeys"); | ||
function createApiServiceEntity(data) { | ||
@@ -20,6 +19,3 @@ var _a, _b; | ||
_type: constants_1.API_SERVICE_ENTITY_TYPE, | ||
_key: generateKeys_1.generateEntityKey({ | ||
type: constants_1.API_SERVICE_ENTITY_TYPE, | ||
id: data.name, | ||
}), | ||
_key: data.name, | ||
name: config.name, | ||
@@ -26,0 +22,0 @@ displayName: config.title || undefined, |
@@ -21,3 +21,5 @@ "use strict"; | ||
const client = new client_1.ServiceUsageClient({ config }); | ||
await client.iterateServices(async (service) => await jobState.addEntity(converters_1.createApiServiceEntity(service))); | ||
await client.iterateServices(async (service) => { | ||
await jobState.addEntity(converters_1.createApiServiceEntity(service)); | ||
}); | ||
} | ||
@@ -24,0 +26,0 @@ exports.fetchApiServices = fetchApiServices; |
export declare const CLOUD_STORAGE_BUCKET_ENTITY_CLASS = "DataStore"; | ||
export declare const CLOUD_STORAGE_BUCKET_ENTITY_TYPE = "google_cloud_storage_bucket"; | ||
export declare const CLOUD_STORAGE_BUCKET_ENTITY_TYPE = "google_storage_bucket"; | ||
export declare const STEP_CLOUD_STORAGE_BUCKETS = "fetch-cloud-storage-buckets"; |
@@ -5,3 +5,3 @@ "use strict"; | ||
exports.CLOUD_STORAGE_BUCKET_ENTITY_CLASS = 'DataStore'; | ||
exports.CLOUD_STORAGE_BUCKET_ENTITY_TYPE = 'google_cloud_storage_bucket'; | ||
exports.CLOUD_STORAGE_BUCKET_ENTITY_TYPE = 'google_storage_bucket'; | ||
exports.STEP_CLOUD_STORAGE_BUCKETS = 'fetch-cloud-storage-buckets'; |
@@ -6,3 +6,2 @@ "use strict"; | ||
const constants_1 = require("./constants"); | ||
const generateKeys_1 = require("../../utils/generateKeys"); | ||
function getCloudStorageBucketWebLink(data, projectId) { | ||
@@ -19,6 +18,3 @@ return `https://console.cloud.google.com/storage/browser/${data.name};tab=objects?forceOnBucketsSortingFiltering=false&project=${projectId}`; | ||
_type: constants_1.CLOUD_STORAGE_BUCKET_ENTITY_TYPE, | ||
_key: generateKeys_1.generateEntityKey({ | ||
type: constants_1.CLOUD_STORAGE_BUCKET_ENTITY_TYPE, | ||
id: data.name, | ||
}), | ||
_key: `bucket:${data.id}`, | ||
id: data.id, | ||
@@ -25,0 +21,0 @@ name: data.name, |
@@ -21,3 +21,5 @@ "use strict"; | ||
const client = new client_1.CloudStorageClient({ config }); | ||
await client.iterateCloudStorageBuckets(async (bucket) => await jobState.addEntity(converters_1.createCloudStorageBucketEntity(bucket, config.serviceAccountKeyConfig.project_id))); | ||
await client.iterateCloudStorageBuckets(async (bucket) => { | ||
await jobState.addEntity(converters_1.createCloudStorageBucketEntity(bucket, config.serviceAccountKeyConfig.project_id)); | ||
}); | ||
} | ||
@@ -24,0 +26,0 @@ exports.fetchStorageBuckets = fetchStorageBuckets; |
{ | ||
"name": "@jupiterone/graph-google-cloud", | ||
"version": "0.1.0", | ||
"version": "0.2.0", | ||
"description": "A graph conversion tool for https://cloud.google.com/", | ||
@@ -30,10 +30,8 @@ "license": "MPL-2.0", | ||
"peerDependencies": { | ||
"@jupiterone/integration-sdk-core": "^2.8.0" | ||
"@jupiterone/integration-sdk-core": "^2.10.0" | ||
}, | ||
"devDependencies": { | ||
"@jupiterone/data-model": "^0.7.1", | ||
"@jupiterone/integration-sdk-core": "^2.8.0", | ||
"@jupiterone/integration-sdk-dev-tools": "^2.8.0", | ||
"@jupiterone/integration-sdk-testing": "^2.8.0", | ||
"deepmerge": "^4.2.2", | ||
"@jupiterone/integration-sdk-core": "^2.10.0", | ||
"@jupiterone/integration-sdk-dev-tools": "^2.10.0", | ||
"@jupiterone/integration-sdk-testing": "^2.10.0", | ||
"dotenv": "^8.2.0", | ||
@@ -40,0 +38,0 @@ "ts-node": "^8.10.2" |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
1030359
5
61
1434
1