inventory

package
v0.0.0-...-a06f2db Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 27, 2025 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

// Cloud provider identifiers, declared as untyped string constants.
// NOTE(review): presumably the values written to Cloud.Provider; confirm
// against the fetchers, which are not visible on this page.
const (
	AwsCloudProvider   = "aws"
	AzureCloudProvider = "azure"
	GcpCloudProvider   = "gcp"
)

Variables

// Asset classifications, grouped by cloud provider. Each value pairs an
// AssetCategory with a human-readable AssetType string through an unkeyed
// composite literal, so the field order of AssetClassification (Category,
// then Type) must stay as it is.
//
// NOTE(review): AssetCategory is documented as feeding the document index, so
// the category chosen here decides where an asset lands. Identity and
// permission assets are not categorised the same way across providers (see
// the per-provider notes). A dashboard or detection rule that filters on one
// category may therefore miss the equivalent asset from another provider;
// confirm whether the differences are intentional.
var (
	// AWS
	// NOTE(review): IAM Role is CategoryServiceAccount, IAM Policy is
	// CategoryAccessManagement and IAM User is CategoryIdentity; compare with
	// the Azure and GCP role and service-account entries.
	AssetClassificationAwsEc2Instance              = AssetClassification{CategoryHost, "AWS EC2 Instance"}
	AssetClassificationAwsElbV1                    = AssetClassification{CategoryLoadBalancer, "AWS Elastic Load Balancer"}
	AssetClassificationAwsElbV2                    = AssetClassification{CategoryLoadBalancer, "AWS Elastic Load Balancer v2"}
	AssetClassificationAwsIamPolicy                = AssetClassification{CategoryAccessManagement, "AWS IAM Policy"}
	AssetClassificationAwsIamRole                  = AssetClassification{CategoryServiceAccount, "AWS IAM Role"}
	AssetClassificationAwsIamUser                  = AssetClassification{CategoryIdentity, "AWS IAM User"}
	AssetClassificationAwsLambdaEventSourceMapping = AssetClassification{CategoryFaaS, "AWS Lambda Event Source Mapping"}
	AssetClassificationAwsLambdaFunction           = AssetClassification{CategoryFaaS, "AWS Lambda Function"}
	AssetClassificationAwsLambdaLayer              = AssetClassification{CategoryFaaS, "AWS Lambda Layer"}
	AssetClassificationAwsInternetGateway          = AssetClassification{CategoryGateway, "AWS Internet Gateway"}
	AssetClassificationAwsNatGateway               = AssetClassification{CategoryGateway, "AWS NAT Gateway"}
	AssetClassificationAwsNetworkAcl               = AssetClassification{CategoryNetworking, "AWS EC2 Network ACL"}
	AssetClassificationAwsNetworkInterface         = AssetClassification{CategoryNetworking, "AWS EC2 Network Interface"}
	AssetClassificationAwsSecurityGroup            = AssetClassification{CategoryFirewall, "AWS EC2 Security Group"}
	AssetClassificationAwsSubnet                   = AssetClassification{CategoryNetworking, "AWS EC2 Subnet"}
	AssetClassificationAwsTransitGateway           = AssetClassification{CategoryGateway, "AWS Transit Gateway"}
	AssetClassificationAwsTransitGatewayAttachment = AssetClassification{CategoryGateway, "AWS Transit Gateway Attachment"}
	AssetClassificationAwsVpcPeeringConnection     = AssetClassification{CategoryNetworking, "AWS VPC Peering Connection"}
	AssetClassificationAwsVpc                      = AssetClassification{CategoryNetworking, "AWS VPC"}
	AssetClassificationAwsRds                      = AssetClassification{CategoryDatabase, "AWS RDS Instance"}
	AssetClassificationAwsS3Bucket                 = AssetClassification{CategoryStorageBucket, "AWS S3 Bucket"}
	AssetClassificationAwsSnsTopic                 = AssetClassification{CategoryMessagingService, "AWS SNS Topic"}

	// Azure
	// NOTE(review): AssetClassificationAzureStorageAccount is filed under
	// CategoryPrivateEndpoint, unlike its blob, file, queue and table children;
	// this looks like a mismatch, confirm. The Cosmos DB entries use
	// CategoryInfrastructure while the SQL entries use CategoryDatabase.
	// AssetClassificationAzureServicePrincipal carries the type string
	// "Azure Principal" (no "Service"); confirm it matches ASSETS.md.
	// Role definitions are CategoryAccessManagement here, whereas the AWS IAM
	// Role above is CategoryServiceAccount.
	AssetClassificationAzureAppService           = AssetClassification{CategoryWebService, "Azure App Service"}
	AssetClassificationAzureContainerRegistry    = AssetClassification{CategoryContainerRegistry, "Azure Container Registry"}
	AssetClassificationAzureCosmosDBAccount      = AssetClassification{CategoryInfrastructure, "Azure Cosmos DB Account"}
	AssetClassificationAzureCosmosDBSQLDatabase  = AssetClassification{CategoryInfrastructure, "Azure Cosmos DB SQL Database"}
	AssetClassificationAzureDisk                 = AssetClassification{CategoryVolume, "Azure Disk"}
	AssetClassificationAzureElasticPool          = AssetClassification{CategoryDatabase, "Azure Elastic Pool"}
	AssetClassificationAzureEntraGroup           = AssetClassification{CategoryGroup, "Azure Microsoft Entra ID Group"}
	AssetClassificationAzureEntraUser            = AssetClassification{CategoryIdentity, "Azure Microsoft Entra ID User"}
	AssetClassificationAzureResourceGroup        = AssetClassification{CategoryAccessManagement, "Azure Resource Group"}
	AssetClassificationAzureRoleDefinition       = AssetClassification{CategoryAccessManagement, "Azure RoleDefinition"}
	AssetClassificationAzureSQLDatabase          = AssetClassification{CategoryDatabase, "Azure SQL Database"}
	AssetClassificationAzureSQLServer            = AssetClassification{CategoryDatabase, "Azure SQL Server"}
	AssetClassificationAzureServicePrincipal     = AssetClassification{CategoryServiceAccount, "Azure Principal"}
	AssetClassificationAzureSnapshot             = AssetClassification{CategorySnapshot, "Azure Snapshot"}
	AssetClassificationAzureStorageAccount       = AssetClassification{CategoryPrivateEndpoint, "Azure Storage Account"}
	AssetClassificationAzureStorageBlobContainer = AssetClassification{CategoryStorageBucket, "Azure Storage Blob Container"}
	AssetClassificationAzureStorageBlobService   = AssetClassification{CategoryServiceUsageTechnology, "Azure Storage Blob Service"}
	AssetClassificationAzureStorageFileService   = AssetClassification{CategoryFileSystemService, "Azure Storage File Service"}
	AssetClassificationAzureStorageFileShare     = AssetClassification{CategoryFileSystemService, "Azure Storage File Share"}
	AssetClassificationAzureStorageQueue         = AssetClassification{CategoryMessagingService, "Azure Storage Queue"}
	AssetClassificationAzureStorageQueueService  = AssetClassification{CategoryMessagingService, "Azure Storage Queue Service"}
	AssetClassificationAzureStorageTable         = AssetClassification{CategoryDatabase, "Azure Storage Table"}
	AssetClassificationAzureStorageTableService  = AssetClassification{CategoryServiceUsageTechnology, "Azure Storage Table Service"}
	AssetClassificationAzureSubscription         = AssetClassification{CategoryAccessManagement, "Azure Subscription"}
	AssetClassificationAzureTenant               = AssetClassification{CategoryAccessManagement, "Azure Tenant"}
	AssetClassificationAzureVirtualMachine       = AssetClassification{CategoryHost, "Azure Virtual Machine"}

	// GCP
	// NOTE(review): service accounts and their keys are
	// CategoryAccessManagement here, although CategoryServiceAccount exists
	// and is used for the AWS IAM Role and the Azure service principal. The
	// IAM Role is CategoryServiceUsageTechnology, and the subnet is
	// CategorySubnet while the AWS subnet is CategoryNetworking. Service
	// account keys are long-lived credentials, so being able to find them
	// under one predictable category matters for review; confirm the intended
	// category.
	AssetClassificationGcpProject           = AssetClassification{CategoryAccount, "GCP Project"}
	AssetClassificationGcpOrganization      = AssetClassification{CategoryOrganization, "GCP Organization"}
	AssetClassificationGcpFolder            = AssetClassification{CategoryOrganization, "GCP Folder"}
	AssetClassificationGcpInstance          = AssetClassification{CategoryHost, "GCP Compute Instance"}
	AssetClassificationGcpBucket            = AssetClassification{CategoryStorageBucket, "GCP Bucket"}
	AssetClassificationGcpFirewall          = AssetClassification{CategoryFirewall, "GCP Firewall"}
	AssetClassificationGcpSubnet            = AssetClassification{CategorySubnet, "GCP Subnet"}
	AssetClassificationGcpServiceAccount    = AssetClassification{CategoryAccessManagement, "GCP Service Account"}
	AssetClassificationGcpServiceAccountKey = AssetClassification{CategoryAccessManagement, "GCP Service Account Key"}
	AssetClassificationGcpGkeCluster        = AssetClassification{CategoryOrchestrator, "GCP Kubernetes Engine (GKE) Cluster"}
	AssetClassificationGcpForwardingRule    = AssetClassification{CategoryLoadBalancer, "GCP Load Balancing Forwarding Rule"}
	AssetClassificationGcpIamRole           = AssetClassification{CategoryServiceUsageTechnology, "GCP IAM Role"}
	AssetClassificationGcpCloudFunction     = AssetClassification{CategoryFaaS, "GCP Cloud Function"}
	AssetClassificationGcpCloudRunService   = AssetClassification{CategoryContainerService, "GCP Cloud Run Service"}
	AssetClassificationGcpNetwork           = AssetClassification{CategoryNetworking, "GCP VPC Network"}
)

The AssetClassification values above are used to generate 'internal/inventory/ASSETS.md'. Please keep their formatting consistent.

Functions

This section is empty.

Types

type AssetCategory

// AssetCategory names the coarse group an asset belongs to. The package
// defines its values as the Category* constants; the underlying type is
// string, so the type itself does not restrict which values can be used.
type AssetCategory string

AssetCategory is used to build the document index.

// Category values referenced by the AssetClassification variables.
// NOTE(review): several categories overlap in meaning (CategorySubnet and
// CategoryNetworking; CategoryServiceAccount, CategoryIdentity and
// CategoryAccessManagement), and the classification variables do not pick
// between them the same way for every provider. Confirm the intended
// boundaries before adding new asset types.
const (
	CategoryAccessManagement       AssetCategory = "Access Management"
	CategoryAccount                AssetCategory = "Account"
	CategoryContainerRegistry      AssetCategory = "Container Registry"
	CategoryContainerService       AssetCategory = "Container Service"
	CategoryDatabase               AssetCategory = "Database"
	CategoryFaaS                   AssetCategory = "FaaS"
	CategoryFileSystemService      AssetCategory = "File System Service"
	CategoryFirewall               AssetCategory = "Firewall"
	CategoryGateway                AssetCategory = "Gateway"
	CategoryGroup                  AssetCategory = "Group"
	CategoryHost                   AssetCategory = "Host"
	CategoryIdentity               AssetCategory = "Identity"
	CategoryInfrastructure         AssetCategory = "Infrastructure"
	CategoryLoadBalancer           AssetCategory = "Load Balancer"
	CategoryMessagingService       AssetCategory = "Messaging Service"
	CategoryNetworking             AssetCategory = "Networking"
	CategoryOrchestrator           AssetCategory = "Orchestrator"
	CategoryOrganization           AssetCategory = "Organization"
	CategoryPrivateEndpoint        AssetCategory = "Private Endpoint"
	CategoryServiceAccount         AssetCategory = "Service Account"
	CategoryServiceUsageTechnology AssetCategory = "Service Usage Technology"
	CategorySnapshot               AssetCategory = "Snapshot"
	CategoryStorageBucket          AssetCategory = "Storage Bucket"
	CategorySubnet                 AssetCategory = "Subnet"
	CategoryVolume                 AssetCategory = "Volume"
	CategoryWebService             AssetCategory = "Web Service"
)

type AssetClassification

// AssetClassification is the (category, type) pair that describes what kind
// of asset an event refers to. The package's classification variables build
// it with unkeyed literals, so reordering these two fields would silently
// swap their meaning.
type AssetClassification struct {
	Category AssetCategory `json:"category"` // coarse group, one of the Category* constants
	Type     AssetType     `json:"type"`     // provider-specific name, e.g. "AWS EC2 Instance"
}

AssetClassification holds the taxonomy of an asset

type AssetEnricher

// AssetEnricher receives a pointer to an AssetEvent and returns nothing, so
// whatever it contributes is applied by mutating that event. NewAssetEvent
// accepts a variadic list of enrichers.
type AssetEnricher func(asset *AssetEvent)

AssetEnricher is a functional-option style builder: a function that fills in part of an AssetEvent.

func EmptyEnricher

func EmptyEnricher() AssetEnricher

func WithCloud

func WithCloud(cloud Cloud) AssetEnricher

func WithContainer

func WithContainer(container Container) AssetEnricher

func WithFass

func WithFass(fass Fass) AssetEnricher

func WithGroup

func WithGroup(group Group) AssetEnricher

func WithHost

func WithHost(host Host) AssetEnricher

func WithLabels

func WithLabels(labels map[string]string) AssetEnricher

func WithLabelsFromAny

func WithLabelsFromAny(labels map[string]any) AssetEnricher

func WithNetwork

func WithNetwork(network Network) AssetEnricher

func WithOrchestrator

func WithOrchestrator(orchestrator Orchestrator) AssetEnricher

func WithOrganization

func WithOrganization(org Organization) AssetEnricher

func WithRawAsset

func WithRawAsset(raw any) AssetEnricher

func WithRelatedAssetIds

func WithRelatedAssetIds(ids []string) AssetEnricher

func WithTags

func WithTags(tags []string) AssetEnricher

func WithURL

func WithURL(url URL) AssetEnricher

func WithUser

func WithUser(user User) AssetEnricher

type AssetEvent

// AssetEvent is the full record for one discovered asset. Entity and Event
// are always present (value fields); every other section is a pointer, map or
// slice and is nil unless it has been set.
// NOTE(review): the fields carry no struct tags, so the event is presumably
// converted to its published form explicitly rather than marshalled directly;
// confirm in the publisher code.
type AssetEvent struct {
	Entity        Entity
	Event         Event
	Cloud         *Cloud
	Container     *Container
	Fass          *Fass
	Group         *Group
	Host          *Host
	Network       *Network
	Orchestrator  *Orchestrator
	Organization  *Organization
	URL           *URL
	User          *User
	Labels        map[string]string
	Tags          []string
	// RawAttributes is a pointer to an arbitrary value (presumably set through
	// WithRawAsset; confirm).
	// NOTE(review): raw provider API objects can carry sensitive configuration
	// values (for example environment variables on serverless functions).
	// Confirm what is attached here and that access to the destination index
	// is restricted accordingly.
	RawAttributes *any
}

AssetEvent holds the whole asset

func NewAssetEvent

func NewAssetEvent(c AssetClassification, id string, name string, enrichers ...AssetEnricher) AssetEvent

type AssetFetcher

// AssetFetcher discovers assets and delivers them as AssetEvent values on a
// send-only channel.
type AssetFetcher interface {
	// Fetch returns nothing, so an error cannot reach the caller through this
	// interface.
	// NOTE(review): a fetcher that the provider denies access to can at most
	// log the failure, and the published inventory is then partial without
	// the caller knowing. Confirm how fetch failures are surfaced.
	Fetch(ctx context.Context, assetChannel chan<- AssetEvent)
}

type AssetInventory

// AssetInventory is built with NewAssetInventory and driven through Run and
// Stop. NewAssetInventory returns a value while Run and Stop use pointer
// receivers, so callers need an addressable variable.
// NOTE(review): avoid copying the value after Run has started until the
// unexported fields are confirmed to be safe to copy.
type AssetInventory struct {
	// contains filtered or unexported fields
}

func NewAssetInventory

func NewAssetInventory(logger *clog.Logger, fetchers []AssetFetcher, publisher AssetPublisher, now func() time.Time, period time.Duration) AssetInventory

func (*AssetInventory) Run

func (a *AssetInventory) Run(ctx context.Context)

func (*AssetInventory) Stop

func (a *AssetInventory) Stop()

type AssetPublisher

// AssetPublisher is the sink for batches of events.
type AssetPublisher interface {
	// PublishAll takes a batch of beat.Event values and returns nothing, so a
	// delivery failure is not visible through this interface.
	PublishAll([]beat.Event)
}

type AssetType

// AssetType is the provider-specific asset name (for example
// "AWS EC2 Instance"); it is the second field of AssetClassification.
type AssetType string

AssetType is used to build the document index.

type Cloud

// Cloud describes where an asset lives at its cloud provider. Every field is
// optional (omitempty).
// NOTE(review): several tags contain dots ("account.id"). encoding/json
// writes such a tag as one literal key, not as a nested object; confirm how
// the publisher expands these keys before relying on nested field paths in
// queries.
type Cloud struct {
	Provider         string `json:"provider,omitempty"`
	Region           string `json:"region,omitempty"`
	AvailabilityZone string `json:"availability_zone,omitempty"`
	AccountID        string `json:"account.id,omitempty"`
	AccountName      string `json:"account.name,omitempty"`
	InstanceID       string `json:"instance.id,omitempty"`
	InstanceName     string `json:"instance.name,omitempty"`
	MachineType      string `json:"machine.type,omitempty"`
	ServiceName      string `json:"service.name,omitempty"`
	ProjectID        string `json:"project.id,omitempty"`
	ProjectName      string `json:"project.name,omitempty"`
}

type Container

// Container identifies a container and the image it runs. Every field is
// optional (omitempty).
type Container struct {
	ID        string `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	ImageName string `json:"image.name,omitempty"` // dotted tag: a literal key under encoding/json
}

type Entity

// Entity carries the asset's identifiers and, through the embedded
// AssetClassification, its category and type. With encoding/json the embedded
// struct's tagged fields are emitted alongside id and name.
// NOTE(review): the field is spelled Id here while the other structs in this
// package use ID. It is part of the exported API, so it cannot be renamed
// without breaking callers.
type Entity struct {
	Id   string `json:"id"`
	Name string `json:"name"`
	AssetClassification
	// contains filtered or unexported fields
}

Entity contains the identifiers of the asset

type Event

// Event holds the event metadata of an asset record; only the kind is
// exposed, and it is always serialised (no omitempty).
type Event struct {
	Kind string `json:"kind"`
}

type Fass

// Fass describes a serverless function by name and version.
// NOTE(review): the name looks like a misspelling of FaaS (compare
// CategoryFaaS). It is exported, so renaming it would break callers.
type Fass struct {
	Name    string `json:"name,omitempty"`
	Version string `json:"version,omitempty"`
}

type Group

// Group identifies a directory or IAM group. Every field is optional
// (omitempty).
type Group struct {
	ID     string `json:"id,omitempty"`
	Name   string `json:"name,omitempty"`
	Domain string `json:"domain,omitempty"`
}

type Host

// Host describes a compute instance. Every field is optional (omitempty).
// NOTE(review): IP is a single string while MacAddress is a slice, so a host
// with several interfaces can record only one address here. Correlating
// network telemetry by IP may miss the others; confirm which address the
// fetchers choose.
type Host struct {
	ID           string   `json:"id,omitempty"`
	Name         string   `json:"name,omitempty"`
	Architecture string   `json:"architecture,omitempty"`
	Type         string   `json:"type,omitempty"`
	IP           string   `json:"ip,omitempty"`
	MacAddress   []string `json:"mac,omitempty"` // serialised under the key "mac"
}

type MockAssetEnricher

// MockAssetEnricher is a generated test double for AssetEnricher; it embeds
// mock.Mock. Regenerate it rather than editing it by hand.
type MockAssetEnricher struct {
	mock.Mock
}

MockAssetEnricher is an autogenerated mock type for the AssetEnricher type

func NewMockAssetEnricher

func NewMockAssetEnricher(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockAssetEnricher

NewMockAssetEnricher creates a new instance of MockAssetEnricher. It also registers a testing interface on the mock and a cleanup function to assert the mock's expectations. The first argument is typically a *testing.T value.

func (*MockAssetEnricher) EXPECT

func (*MockAssetEnricher) Execute

func (_m *MockAssetEnricher) Execute(asset *AssetEvent)

Execute provides a mock function with given fields: asset

type MockAssetEnricher_Execute_Call

// MockAssetEnricher_Execute_Call wraps *mock.Call for the Execute method
// (generated code).
type MockAssetEnricher_Execute_Call struct {
	*mock.Call
}

MockAssetEnricher_Execute_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'Execute'

func (*MockAssetEnricher_Execute_Call) Return

func (*MockAssetEnricher_Execute_Call) Run

func (*MockAssetEnricher_Execute_Call) RunAndReturn

type MockAssetEnricher_Expecter

// MockAssetEnricher_Expecter offers the typed Execute helper for declaring
// mock.On expectations (generated code).
type MockAssetEnricher_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockAssetEnricher_Expecter) Execute

func (_e *MockAssetEnricher_Expecter) Execute(asset interface{}) *MockAssetEnricher_Execute_Call

Execute is a helper method to define mock.On call

  • asset *AssetEvent

type MockAssetFetcher

// MockAssetFetcher is a generated test double for AssetFetcher; it embeds
// mock.Mock. Regenerate it rather than editing it by hand.
type MockAssetFetcher struct {
	mock.Mock
}

MockAssetFetcher is an autogenerated mock type for the AssetFetcher type

func NewMockAssetFetcher

func NewMockAssetFetcher(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockAssetFetcher

NewMockAssetFetcher creates a new instance of MockAssetFetcher. It also registers a testing interface on the mock and a cleanup function to assert the mock's expectations. The first argument is typically a *testing.T value.

func (*MockAssetFetcher) EXPECT

func (*MockAssetFetcher) Fetch

func (_m *MockAssetFetcher) Fetch(ctx context.Context, assetChannel chan<- AssetEvent)

Fetch provides a mock function with given fields: ctx, assetChannel

type MockAssetFetcher_Expecter

// MockAssetFetcher_Expecter offers the typed Fetch helper for declaring
// mock.On expectations (generated code).
type MockAssetFetcher_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockAssetFetcher_Expecter) Fetch

func (_e *MockAssetFetcher_Expecter) Fetch(ctx interface{}, assetChannel interface{}) *MockAssetFetcher_Fetch_Call

Fetch is a helper method to define mock.On call

  • ctx context.Context
  • assetChannel chan<- AssetEvent

type MockAssetFetcher_Fetch_Call

// MockAssetFetcher_Fetch_Call wraps *mock.Call for the Fetch method
// (generated code).
type MockAssetFetcher_Fetch_Call struct {
	*mock.Call
}

MockAssetFetcher_Fetch_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'Fetch'

func (*MockAssetFetcher_Fetch_Call) Return

func (*MockAssetFetcher_Fetch_Call) Run

func (_c *MockAssetFetcher_Fetch_Call) Run(run func(ctx context.Context, assetChannel chan<- AssetEvent)) *MockAssetFetcher_Fetch_Call

func (*MockAssetFetcher_Fetch_Call) RunAndReturn

type MockAssetPublisher

// MockAssetPublisher is a generated test double for AssetPublisher; it embeds
// mock.Mock. Regenerate it rather than editing it by hand.
type MockAssetPublisher struct {
	mock.Mock
}

MockAssetPublisher is an autogenerated mock type for the AssetPublisher type

func NewMockAssetPublisher

func NewMockAssetPublisher(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockAssetPublisher

NewMockAssetPublisher creates a new instance of MockAssetPublisher. It also registers a testing interface on the mock and a cleanup function to assert the mock's expectations. The first argument is typically a *testing.T value.

func (*MockAssetPublisher) EXPECT

func (*MockAssetPublisher) PublishAll

func (_m *MockAssetPublisher) PublishAll(_a0 []beat.Event)

PublishAll provides a mock function with given fields: _a0

type MockAssetPublisher_Expecter

// MockAssetPublisher_Expecter offers the typed PublishAll helper for
// declaring mock.On expectations (generated code).
type MockAssetPublisher_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockAssetPublisher_Expecter) PublishAll

func (_e *MockAssetPublisher_Expecter) PublishAll(_a0 interface{}) *MockAssetPublisher_PublishAll_Call

PublishAll is a helper method to define mock.On call

  • _a0 []beat.Event

type MockAssetPublisher_PublishAll_Call

// MockAssetPublisher_PublishAll_Call wraps *mock.Call for the PublishAll
// method (generated code).
type MockAssetPublisher_PublishAll_Call struct {
	*mock.Call
}

MockAssetPublisher_PublishAll_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'PublishAll'

func (*MockAssetPublisher_PublishAll_Call) Return

func (*MockAssetPublisher_PublishAll_Call) Run

func (*MockAssetPublisher_PublishAll_Call) RunAndReturn

type Network

// Network describes a network-level attribute set of an asset. Every field
// is optional (omitempty).
// NOTE(review): the accepted values for Direction and Type are not defined on
// this page; confirm them against the fetchers before filtering on them.
type Network struct {
	Name      string `json:"name,omitempty"`
	Direction string `json:"direction,omitempty"`
	Type      string `json:"type,omitempty"`
}

type Orchestrator

// Orchestrator identifies the cluster an asset belongs to. Every field is
// optional (omitempty); the cluster tags are dotted, which encoding/json
// writes as literal keys.
type Orchestrator struct {
	ClusterID   string `json:"cluster.id,omitempty"`
	ClusterName string `json:"cluster.name,omitempty"`
	Type        string `json:"type,omitempty"`
}

type Organization

// Organization identifies the owning organization by ID and name; both
// fields are optional (omitempty).
type Organization struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
}

type URL

// URL holds the full URL of an asset. The field has no omitempty, so an
// empty string is still serialised.
type URL struct {
	Full string `json:"full"`
}

type User

// User describes an identity asset. Every field is optional (omitempty).
// NOTE(review): Email is personal data and Roles reveals privilege
// assignments; confirm that access control and retention on the destination
// index account for both.
type User struct {
	ID    string   `json:"id,omitempty"`
	Name  string   `json:"name,omitempty"`
	Email string   `json:"email,omitempty"`
	Roles []string `json:"roles,omitempty"`
}

Directories

Path Synopsis
