Example #1
File: tm.py Project: 321jr/pytm
# Excerpt of a pytm threat model: trust boundaries are declared first, then the
# elements and the data flows between them. `internet` is used below but is
# defined outside this excerpt.
server_db = Boundary("Server/DB")
vpc = Boundary("AWS VPC")

# External actor, placed in the `internet` boundary.
user = Actor("User")
user.inBoundary = internet

# Web server: declared hardened and output-encoding, but with input
# sanitisation and source authorisation both declared absent.
# NOTE(review): no inBoundary is assigned to `web` in this excerpt, so from
# here it is unclear which trust boundary the user -> web flow crosses.
web = Server("Web Server")
web.OS = "Ubuntu"
web.isHardened = True
web.sanitizesInput = False
web.encodesOutput = True
web.authorizesSource = False

# SQL datastore inside the "Server/DB" boundary, in scope and declared NOT
# hardened.
db = Datastore("SQL Database")
db.OS = "CentOS"
db.isHardened = False
db.inBoundary = server_db
db.isSQL = True
db.inScope = True

# Serverless function inside the "AWS VPC" boundary, with access control
# declared present.
my_lambda = Lambda("AWS Lambda")
my_lambda.hasAccessControl = True
my_lambda.inBoundary = vpc

# Flow carrying user-supplied HTML/Markdown from the actor to the web server.
# It is declared as plain HTTP on port 80 and nothing in this excerpt marks it
# as encrypted, so the model describes comments travelling in cleartext.
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.protocol = "HTTP"
user_to_web.dstPort = 80
user_to_web.data = 'Comments in HTML or Markdown'
user_to_web.note = "This is a simple web app\nthat stores and retrieves user comments."

# Flow from the web server into the SQL datastore. Together with
# web.sanitizesInput = False and db.isSQL = True above, this is the path where
# unsanitised comment text reaches an insert query; the mitigation to record
# against it is parameterised queries plus input validation on the server.
# Any further attributes of this flow are not visible in this excerpt.
web_to_db = Dataflow(web, db, "Insert query with comments")
Example #2
# Excerpt of a pytm threat model. `internet`, `server_db` and `Classification`
# are used below but defined or imported outside this excerpt.

# External actor in the `internet` boundary.
# presumably `levels` selects the diagram level(s) the element is drawn on —
# confirm against the pytm version in use.
user = Actor("User")
user.inBoundary = internet
user.levels = [2]

# Web server: declared hardened and output-encoding, but with input
# sanitisation and source authorisation both declared absent.
# `sourceFiles` lists the paths this element is associated with.
# NOTE(review): no inBoundary is assigned to `web` in this excerpt.
web = Server("Web Server")
web.OS = "Ubuntu"
web.isHardened = True
web.sanitizesInput = False
web.encodesOutput = True
web.authorizesSource = False
web.sourceFiles = ["pytm/json.py", "docs/template.md"]

# General-purpose SQL datastore: in scope, declared NOT hardened, with
# RESTRICTED set as its maximum classification.
# presumably maxClassification is the highest data classification this store is
# allowed to hold, so flows carrying more sensitive data can be flagged — confirm.
db = Datastore("SQL Database")
db.OS = "CentOS"
db.isHardened = False
db.inBoundary = server_db
db.isSQL = True
db.inScope = True
db.maxClassification = Classification.RESTRICTED
db.levels = [2]

# Identity datastore: declared hardened, stores PII, maximum classification
# TOP_SECRET.
# NOTE(review): it shares the `server_db` boundary with `db`, which is declared
# not hardened; consider whether the PII store should sit in its own boundary
# so that access from the weaker store shows up as a boundary crossing.
secretDb = Datastore("Real Identity Database")
secretDb.OS = "CentOS"
secretDb.sourceFiles = ["pytm/pytm.py"]
secretDb.isHardened = True
secretDb.inBoundary = server_db
secretDb.isSQL = True
secretDb.inScope = True
secretDb.storesPII = True
secretDb.maxClassification = Classification.TOP_SECRET
Example #3
# Excerpt of a pytm threat model. `internet`, `apps_vpc`, `rds_boundary` and
# `cache_boundary` are used below but defined outside this excerpt.

# API gateway modelled as a generic Element in the `internet` boundary,
# declared hardened.
apigee = Element("Apigee")
apigee.inBoundary = internet
apigee.isHardened = True

# NOTE(review): this repeats the three lines above verbatim. The name is
# rebound to a second Element("Apigee"); this likely leaves two identically
# named elements in the model — confirm and drop one copy.
apigee = Element("Apigee")
apigee.inBoundary = internet
apigee.isHardened = True

# Application server inside `apps_vpc`: hardened, access-controlled and
# output-encoding are all declared present. sanitizesInput is not set in this
# excerpt.
server = Server("Apps Server")
server.inBoundary = apps_vpc
server.isHardened = True
server.hasAccessControl = True
server.encodesOutput = True

# MySQL datastore: hardened, access-controlled, on AWS, shared, and declared
# as not storing sensitive data.
# NOTE(review): inBoundary is assigned twice (apps_vpc, then rds_boundary).
# An element records a single boundary, so depending on the pytm version the
# second assignment either replaces the first or is rejected — confirm. If
# rds_boundary is meant to sit inside apps_vpc, that nesting is presumably
# expressed on the boundary itself rather than on the datastore.
db = Datastore("MySQL DB")
db.isHardened = True
db.hasAccessControl = True
db.inBoundary = apps_vpc
db.inBoundary = rds_boundary
db.isSQL = True
db.inScope = True
db.onAWS = True
db.isShared = True
db.storesSensitiveData = False

# Redis cache: hardened, non-SQL, in scope.
# NOTE(review): same double inBoundary assignment as `db` above
# (apps_vpc, then cache_boundary).
# NOTE(review): unlike `server` and `db`, no hasAccessControl is set for
# `redis` in this excerpt; if the cache requires authentication, declare it so
# the model does not understate or overstate the control.
redis = Datastore("Redis")
redis.isHardened = True
redis.inBoundary = apps_vpc
redis.inBoundary = cache_boundary
redis.isSQL = False
redis.inScope = True