def _parse_instance(self, raw_instance):
instance_dict = {}
instance_dict['id'] = get_non_provider_id(raw_instance.id.lower())
instance_dict['vm_id'] = raw_instance.vm_id
instance_dict['zones'] = raw_instance.zones
instance_dict['instance_view'] = raw_instance.instance_view
instance_dict['availability_set'] = raw_instance.availability_set
instance_dict['proximity_placement_group'] = raw_instance.proximity_placement_group
instance_dict['additional_properties'] = list(raw_instance.additional_properties)
instance_dict['location'] = raw_instance.location
instance_dict['type'] = raw_instance.type
instance_dict['resources'] = raw_instance.resources
instance_dict['tags'] = raw_instance.tags
instance_dict['provisioning_state'] = raw_instance.provisioning_state
instance_dict['plan'] = raw_instance.plan
instance_dict['identity'] = raw_instance.identity
instance_dict['name'] = raw_instance.name
instance_dict['additional_capabilities'] = raw_instance.additional_capabilities
instance_dict['license_type'] = raw_instance.license_type
# TODO process and display the below
instance_dict['hardware_profile'] = raw_instance.hardware_profile
instance_dict['diagnostics_profile'] = raw_instance.diagnostics_profile
instance_dict['os_profile'] = raw_instance.os_profile
instance_dict['storage_profile'] = raw_instance.storage_profile
instance_dict['network_profile'] = raw_instance.network_profile
# instance_dict['network_profile'] = raw_instance.network_profile
instance_dict['network_interfaces'] = []
for interface in raw_instance.network_profile.network_interfaces:
instance_dict['network_interfaces'].append(get_non_provider_id(interface.id))
return instance_dict['id'], instance_dict
def _parse_network_security_group(self, network_security_group):
network_security_group_dict = {}
network_security_group_dict['id'] = get_non_provider_id(network_security_group.id)
network_security_group_dict['name'] = network_security_group.name
network_security_group_dict['location'] = network_security_group.location
network_security_group_dict['provisioning_state'] = network_security_group.provisioning_state
network_security_group_dict['resource_guid'] = network_security_group.resource_guid
network_security_group_dict['type'] = network_security_group.type
network_security_group_dict['etag'] = network_security_group.etag
network_security_group_dict['tags'] = network_security_group.tags
network_security_group_dict['additional_properties'] = network_security_group.additional_properties
network_security_group_dict['security_rules'] = self._parse_security_rules(network_security_group)
network_security_group_dict['subnets'] = {}
if network_security_group.subnets:
for subnet in network_security_group.subnets:
identifier = get_non_provider_id(subnet.id)
network_security_group_dict['subnets'][identifier] = {'id': identifier}
network_security_group_dict['network_interfaces'] = {}
if network_security_group.network_interfaces:
for network_interface in network_security_group.network_interfaces:
identifier = get_non_provider_id(network_interface.id)
network_security_group_dict['network_interfaces'][identifier] = {'id': identifier}
# FIXME this is broken and badly implemented (not efficient at all)
# exposed_ports = self._parse_exposed_ports(network_security_group)
# network_security_group_dict['exposed_ports'] = exposed_ports
# network_security_group_dict['exposed_port_ranges'] = self._format_ports(exposed_ports)
return network_security_group_dict['id'], network_security_group_dict
def _parse_trail(self, raw_trail):
trail = {'name': raw_trail.pop('Name')}
trail_id = get_non_provider_id(trail['name'])
# Do not duplicate entries for multiregion trails
if 'IsMultiRegionTrail' in raw_trail and raw_trail['IsMultiRegionTrail'] and \
raw_trail['HomeRegion'] != self.region:
for key in ['HomeRegion', 'TrailARN']:
trail[key] = raw_trail[key]
trail['scout_link'] = 'services.cloudtrail.regions.%s.trails.%s' % (raw_trail['HomeRegion'], trail_id)
return trail_id, trail
for key in raw_trail:
trail[key] = raw_trail[key]
trail['bucket_id'] = get_non_provider_id(trail.pop('S3BucketName'))
for key in ['IsMultiRegionTrail', 'LogFileValidationEnabled']:
if key not in trail:
trail[key] = False
for key in ['KMSKeyId', 'IsLogging', 'LatestDeliveryTime', 'LatestDeliveryError', 'StartLoggingTime',
'StopLoggingTime', 'LatestNotificationTime', 'LatestNotificationError',
'LatestCloudWatchLogsDeliveryError', 'LatestCloudWatchLogsDeliveryTime']:
trail[key] = trail[key] if key in trail else None
# using trail ARN instead of name as with Organizations the trail would be located in another account
trail['wildcard_data_logging'] = self.data_logging_status(trail)
for event_selector in trail['EventSelectors']:
trail['DataEventsEnabled'] = len(event_selector['DataResources']) > 0
trail['ManagementEventsEnabled'] = event_selector['IncludeManagementEvents']
return trail_id, trail
async def _parse_group(self, raw_group):
group_dict = {}
group_dict['identifier'] = raw_group.id
group_dict['id'] = get_non_provider_id(raw_group.id)
group_dict['name'] = raw_group.name
group_dict['lifecycle_state'] = raw_group.lifecycle_state
group_dict['inactive_status'] = raw_group.inactive_status
group_dict['description'] = raw_group.description
group_dict['compartment_id'] = raw_group.compartment_id
group_dict['time_created'] = raw_group.time_created
group_dict['defined_tags'] = list(raw_group.defined_tags)
group_dict['freeform_tags'] = list(raw_group.freeform_tags)
members = await self.facade.identity.get_group_users(
group_dict['identifier'])
group_dict['users'] = []
for member in members:
member_dict = {}
member_dict['user_identifier'] = member.user_id
member_dict['user_id'] = get_non_provider_id(member.user_id)
member_dict['membership_id'] = member.id
member_dict['group_id'] = member.group_id
member_dict['lifecycle_state'] = member.lifecycle_state
member_dict['inactive_status'] = member.inactive_status
member_dict['compartment_id'] = member.compartment_id
member_dict['time_created'] = member.time_created
group_dict['users'].append(member_dict)
return group_dict['id'], group_dict
def _parse_virtual_network(self, raw_virtual_network):
virtual_network_dict = {}
virtual_network_dict['id'] = get_non_provider_id(raw_virtual_network.id)
virtual_network_dict['name'] = raw_virtual_network.name
virtual_network_dict['enable_vm_protection'] = raw_virtual_network.enable_vm_protection
virtual_network_dict['etag'] = str(raw_virtual_network.etag)
if raw_virtual_network.tags is not None:
virtual_network_dict['tags'] = ["{}:{}".format(key, value) for key, value in raw_virtual_network.tags.items()]
else:
virtual_network_dict['tags'] = []
virtual_network_dict['resource_group_name'] = get_resource_group_name(raw_virtual_network.id)
virtual_network_dict['virtual_network_peerings'] = raw_virtual_network.virtual_network_peerings
virtual_network_dict['enable_ddos_protection'] = raw_virtual_network.enable_ddos_protection
virtual_network_dict['resource_guid'] = raw_virtual_network.resource_guid
virtual_network_dict['provisioning_state'] = raw_virtual_network.provisioning_state
virtual_network_dict['address_space'] = raw_virtual_network.address_space
virtual_network_dict['ddos_protection_plan'] = raw_virtual_network.ddos_protection_plan
virtual_network_dict['additional_properties'] = list(raw_virtual_network.additional_properties)
virtual_network_dict['location'] = raw_virtual_network.location
virtual_network_dict['type'] = raw_virtual_network.type
virtual_network_dict['dhcp_options'] = raw_virtual_network.dhcp_options
virtual_network_dict['subnets'] = {}
virtual_network_dict['subnets_count'] = 0
for raw_subnet in raw_virtual_network.subnets:
subnet_dict = {}
subnet_dict['id'] = get_non_provider_id(raw_subnet.id)
subnet_dict['name'] = raw_subnet.name
subnet_dict['service_association_links'] = raw_subnet.service_association_links
subnet_dict['resource_navigation_links'] = raw_subnet.resource_navigation_links
subnet_dict['service_endpoint_policies'] = raw_subnet.service_endpoint_policies
subnet_dict['interface_endpoints'] = raw_subnet.interface_endpoints if \
hasattr(raw_subnet, 'interface_endpoints') else None
subnet_dict['purpose'] = raw_subnet.purpose
subnet_dict['address_prefix'] = raw_subnet.address_prefix
subnet_dict['provisioning_state'] = raw_subnet.provisioning_state
subnet_dict['etag'] = str(raw_subnet.etag)
subnet_dict['additional_properties'] = raw_subnet.additional_properties
subnet_dict['route_table'] = raw_subnet.route_table
subnet_dict['delegations'] = raw_subnet.delegations
subnet_dict['service_endpoints'] = raw_subnet.service_endpoints
subnet_dict['ip_configuration_profiles'] = raw_subnet.ip_configuration_profiles
subnet_dict['ip_configurations'] = raw_subnet.ip_configurations
subnet_dict['address_prefixes'] = raw_subnet.address_prefixes
if raw_subnet.network_security_group:
subnet_dict['network_security_group'] = get_non_provider_id(raw_subnet.network_security_group.id)
else:
subnet_dict['network_security_group'] = None
virtual_network_dict['subnets_count'] += 1
virtual_network_dict['subnets'][subnet_dict['id']] = subnet_dict
return virtual_network_dict['id'], virtual_network_dict
async def _parse_instance(self, raw_instance):
instance_dict = {}
instance_dict['id'] = get_non_provider_id(raw_instance.id.lower())
instance_dict['name'] = raw_instance.name
instance_dict['vm_id'] = raw_instance.vm_id
instance_dict['zones'] = raw_instance.zones
instance_dict['instance_view'] = raw_instance.instance_view
instance_dict['availability_set'] = raw_instance.availability_set
instance_dict[
'proximity_placement_group'] = raw_instance.proximity_placement_group
instance_dict['additional_properties'] = list(
raw_instance.additional_properties)
instance_dict['location'] = raw_instance.location
instance_dict['type'] = raw_instance.type
instance_dict['resources'] = raw_instance.resources
if raw_instance.tags is not None:
instance_dict['tags'] = [
"{}:{}".format(key, value)
for key, value in raw_instance.tags.items()
]
else:
instance_dict['tags'] = []
instance_dict['resource_group_name'] = get_resource_group_name(
raw_instance.id)
instance_dict['provisioning_state'] = raw_instance.provisioning_state
instance_dict['plan'] = raw_instance.plan
instance_dict['identity'] = raw_instance.identity
instance_dict[
'additional_capabilities'] = raw_instance.additional_capabilities
instance_dict['license_type'] = raw_instance.license_type
# TODO process and display the below
instance_dict['hardware_profile'] = raw_instance.hardware_profile
instance_dict['diagnostics_profile'] = raw_instance.diagnostics_profile
instance_dict['os_profile'] = raw_instance.os_profile
instance_dict['storage_profile'] = raw_instance.storage_profile
instance_dict['network_profile'] = raw_instance.network_profile
# instance_dict['network_profile'] = raw_instance.network_profile
instance_dict['network_interfaces'] = []
for interface in raw_instance.network_profile.network_interfaces:
instance_dict['network_interfaces'].append(
get_non_provider_id(interface.id))
instance_dict[
'extensions'] = await self.facade.virtualmachines.get_instance_extensions(
subscription_id=self.subscription_id,
instance_name=instance_dict['name'],
resource_group=get_resource_group_name(raw_instance.id))
return instance_dict['id'], instance_dict
def _parse_application_security_group(self,
raw_application_security_group):
application_security_group_dict = {}
application_security_group_dict['id'] = get_non_provider_id(
raw_application_security_group.id)
application_security_group_dict[
'name'] = raw_application_security_group.name
application_security_group_dict[
'type'] = raw_application_security_group.type
application_security_group_dict[
'location'] = raw_application_security_group.location
if raw_application_security_group.tags is not None:
application_security_group_dict['tags'] = [
"{}:{}".format(key, value)
for key, value in raw_application_security_group.tags.items()
]
else:
application_security_group_dict['tags'] = []
application_security_group_dict[
'resource_group_name'] = get_resource_group_name(
raw_application_security_group.id)
application_security_group_dict[
'resource_guid'] = raw_application_security_group.resource_guid
application_security_group_dict[
'provisioning_state'] = raw_application_security_group.provisioning_state
application_security_group_dict[
'etag'] = raw_application_security_group.etag
application_security_group_dict['network_interfaces'] = [
] # this is filled in the base class
return application_security_group_dict[
'id'], application_security_group_dict
async def _get_and_set_inline_policies(self, resource, iam_resource_type):
client = AWSFacadeUtils.get_client('iam', self.session)
list_policy_method = getattr(client,
'list_' + iam_resource_type + '_policies')
resource_name = resource[iam_resource_type.title() + 'Name']
args = {iam_resource_type.title() + 'Name': resource_name}
resource['inline_policies'] = {}
policy_names = await run_concurrently(
lambda: list_policy_method(**args)['PolicyNames'])
if len(policy_names) == 0:
resource['inline_policies_count'] = 0
return
get_policy_method = getattr(client,
'get_' + iam_resource_type + '_policy')
tasks = {
asyncio.ensure_future(
run_concurrently(lambda: get_policy_method(**dict(
args, PolicyName=policy_name))))
for policy_name in policy_names
}
for task in asyncio.as_completed(tasks):
policy = await task
policy_name = policy['PolicyName']
policy_id = get_non_provider_id(policy_name)
policy_document = policy['PolicyDocument']
resource['inline_policies'][policy_id] = {}
resource['inline_policies'][policy_id][
'PolicyDocument'] = self._normalize_statements(policy_document)
resource['inline_policies'][policy_id]['name'] = policy_name
resource['inline_policies_count'] = len(resource['inline_policies'])
def _parse_snapshot(self, raw_snapshot):
snapshot_dict = {}
snapshot_dict['id'] = get_non_provider_id(raw_snapshot.id)
snapshot_dict['unique_id'] = getattr(raw_snapshot, 'unique_id', None)
snapshot_dict['name'] = raw_snapshot.name
snapshot_dict['type'] = raw_snapshot.type
snapshot_dict['location'] = raw_snapshot.location
snapshot_dict['tags'] = raw_snapshot.tags
snapshot_dict['managed_by'] = raw_snapshot.managed_by
snapshot_dict['sku'] = raw_snapshot.sku
snapshot_dict['time_created'] = raw_snapshot.time_created
snapshot_dict['os_type'] = raw_snapshot.os_type
snapshot_dict['hyper_vgeneration'] = raw_snapshot.hyper_vgeneration
snapshot_dict['creation_data'] = raw_snapshot.creation_data
snapshot_dict['disk_size_gb'] = raw_snapshot.disk_size_gb
snapshot_dict['disk_size_bytes'] = getattr(raw_snapshot,
'disk_size_bytes', None)
snapshot_dict['provisioning_state'] = raw_snapshot.provisioning_state
snapshot_dict['incremental'] = getattr(raw_snapshot, 'incremental',
None)
snapshot_dict[
'additional_properties'] = raw_snapshot.additional_properties
if hasattr(raw_snapshot, 'encryption'):
snapshot_dict['encryption_type'] = getattr(raw_snapshot.encryption,
'type', None)
else:
snapshot_dict['encryption_type'] = None
return snapshot_dict['id'], snapshot_dict
def _parse_bucket(self, raw_bucket):
bucket_dict = {}
bucket_dict['id'] = get_non_provider_id(raw_bucket.id)
bucket_dict['name'] = raw_bucket.name
bucket_dict['project_id'] = self.project_id
bucket_dict['project_number'] = raw_bucket.project_number
bucket_dict['creation_date'] = raw_bucket.time_created
bucket_dict['location'] = raw_bucket.location
bucket_dict['storage_class'] = raw_bucket.storage_class.lower()
bucket_dict['versioning_enabled'] = raw_bucket.versioning_enabled
bucket_dict['logging_enabled'] = raw_bucket.logging is not None
iam_configuration = raw_bucket.iam_configuration.get('uniformBucketLevelAccess') or \
raw_bucket.iam_configuration.get('bucketPolicyOnly')
if iam_configuration:
bucket_dict['uniform_bucket_level_access'] = iam_configuration.get(
"enabled", False)
else:
bucket_dict['uniform_bucket_level_access'] = None
if bucket_dict['uniform_bucket_level_access']:
bucket_dict['acls'] = []
bucket_dict['default_object_acl'] = []
else:
bucket_dict['acls'] = list(raw_bucket.acl)
bucket_dict['default_object_acl'] = list(
raw_bucket.default_object_acl)
bucket_dict['acl_configuration'] = self._get_cloudstorage_bucket_acl(
raw_bucket) # FIXME this should be "IAM"
return bucket_dict['id'], bucket_dict
def _parse_snapshot(self, raw_snapshot):
snapshot_dict = {}
snapshot_dict['id'] = get_non_provider_id(raw_snapshot.id)
snapshot_dict['name'] = raw_snapshot.name
snapshot_dict['type'] = raw_snapshot.type
snapshot_dict['location'] = raw_snapshot.location
snapshot_dict['tags'] = raw_snapshot.tags
snapshot_dict['managed_by'] = raw_snapshot.managed_by
snapshot_dict['sku'] = raw_snapshot.sku
snapshot_dict['time_created'] = raw_snapshot.time_created
snapshot_dict['os_type'] = raw_snapshot.os_type
snapshot_dict['hyper_vgeneration'] = raw_snapshot.hyper_vgeneration
snapshot_dict['creation_data'] = raw_snapshot.creation_data
snapshot_dict['disk_size_gb'] = raw_snapshot.disk_size_gb
snapshot_dict['disk_size_bytes'] = raw_snapshot.disk_size_bytes
snapshot_dict['unique_id'] = raw_snapshot.unique_id
snapshot_dict['provisioning_state'] = raw_snapshot.provisioning_state
snapshot_dict['incremental'] = raw_snapshot.incremental
snapshot_dict[
'additional_properties'] = raw_snapshot.additional_properties
snapshot_dict['encryption'] = raw_snapshot.encryption
snapshot_dict[
'encryption_settings_collection'] = raw_snapshot.encryption_settings_collection
if raw_snapshot.encryption_settings_collection and raw_snapshot.encryption_settings_collection.enabled:
snapshot_dict['encryption_enabled'] = True
else:
snapshot_dict['encryption_enabled'] = False
return snapshot_dict['id'], snapshot_dict
def _parse_disk(self, raw_disk):
disk_dict = {}
disk_dict['id'] = get_non_provider_id(raw_disk.id)
disk_dict['name'] = raw_disk.name
disk_dict['type'] = raw_disk.type
disk_dict['location'] = raw_disk.location
disk_dict['tags'] = raw_disk.tags
disk_dict['managed_by'] = raw_disk.managed_by
disk_dict['sku'] = raw_disk.sku
disk_dict['zones'] = raw_disk.zones
disk_dict['time_created'] = raw_disk.time_created
disk_dict['os_type'] = raw_disk.os_type
disk_dict['hyper_vgeneration'] = raw_disk.hyper_vgeneration
disk_dict['creation_data'] = raw_disk.creation_data
disk_dict['disk_size_gb'] = raw_disk.disk_size_gb
disk_dict['disk_size_bytes'] = raw_disk.disk_size_bytes
disk_dict['unique_id'] = raw_disk.unique_id
disk_dict['provisioning_state'] = raw_disk.provisioning_state
disk_dict['disk_iops_read_write'] = raw_disk.disk_iops_read_write
disk_dict['disk_mbps_read_write'] = raw_disk.disk_mbps_read_write
disk_dict['disk_state'] = raw_disk.disk_state
disk_dict['additional_properties'] = raw_disk.additional_properties
disk_dict['encryption'] = raw_disk.encryption
disk_dict[
'encryption_settings_collection'] = raw_disk.encryption_settings_collection
if raw_disk.encryption_settings_collection and raw_disk.encryption_settings_collection.enabled:
disk_dict['encryption_enabled'] = True
else:
disk_dict['encryption_enabled'] = False
return disk_dict['id'], disk_dict
def _parse_regulatory_compliance_result(self,
raw_regulatory_compliance_result):
regulatory_compliance_result_dict = {}
regulatory_compliance_result_dict['id'] = get_non_provider_id(
raw_regulatory_compliance_result.id)
regulatory_compliance_result_dict['name'] = '{} {}'.format(
raw_regulatory_compliance_result.standard_name,
raw_regulatory_compliance_result.name)
regulatory_compliance_result_dict[
'reference'] = raw_regulatory_compliance_result.name
regulatory_compliance_result_dict[
'standard_name'] = raw_regulatory_compliance_result.standard_name
regulatory_compliance_result_dict[
'type'] = raw_regulatory_compliance_result.type
regulatory_compliance_result_dict[
'description'] = raw_regulatory_compliance_result.description
regulatory_compliance_result_dict[
'state'] = raw_regulatory_compliance_result.state
regulatory_compliance_result_dict[
'passed_assessments'] = raw_regulatory_compliance_result.passed_assessments
regulatory_compliance_result_dict[
'failed_assessments'] = raw_regulatory_compliance_result.failed_assessments
regulatory_compliance_result_dict[
'skipped_assessments'] = raw_regulatory_compliance_result.skipped_assessments
regulatory_compliance_result_dict['additional_properties'] = \
raw_regulatory_compliance_result.additional_properties
return regulatory_compliance_result_dict[
'id'], regulatory_compliance_result_dict
async def _parse_api_key(self, raw_api_key):
api_key = {}
api_key['id'] = get_non_provider_id(raw_api_key.key_id)
api_key['identifier'] = raw_api_key.key_id
api_key['fingerprint'] = raw_api_key.fingerprint
api_key['state'] = raw_api_key.lifecycle_state
return api_key['id'], api_key
def _parse_load_balancer(self, raw_load_balancer):
load_balancer = {'name': raw_load_balancer['LoadBalancerName']}
get_keys(raw_load_balancer, load_balancer, [
'DNSName', 'CreatedTime', 'AvailabilityZones', 'Subnets', 'Scheme',
'attributes'
])
load_balancer['security_groups'] = []
load_balancer['arn'] = 'arn:aws:elb:{}:{}:load-balancer/{}'.format(
self.region, self.facade.owner_id,
raw_load_balancer.get('LoadBalancerName'))
for sg in raw_load_balancer['SecurityGroups']:
load_balancer['security_groups'].append({'GroupId': sg})
load_balancer['listeners'] = {}
for l in raw_load_balancer['ListenerDescriptions']:
listener = l['Listener']
load_balancer['listeners'][l['Listener']
['LoadBalancerPort']] = listener
load_balancer['instances'] = []
for i in raw_load_balancer['Instances']:
load_balancer['instances'].append(i['InstanceId'])
if 'Tags' in raw_load_balancer and raw_load_balancer['Tags']:
load_balancer['tags'] = {
x['Key']: x['Value']
for x in raw_load_balancer['Tags']
}
return get_non_provider_id(load_balancer['name']), load_balancer
def _parse_instance(self, raw_instance):
instance_dict = {}
instance_dict['id'] = get_non_provider_id(raw_instance['name'])
instance_dict['name'] = raw_instance['name']
instance_dict['project_id'] = raw_instance['project']
instance_dict['automatic_backup_enabled'] = raw_instance['settings'][
'backupConfiguration']['enabled']
instance_dict['database_version'] = raw_instance['databaseVersion']
instance_dict['log_enabled'] = self._is_log_enabled(raw_instance)
instance_dict['ssl_required'] = self._is_ssl_required(raw_instance)
instance_dict['authorized_networks'] = raw_instance['settings'][
'ipConfiguration']['authorizedNetworks']
# check if is or has a failover replica
instance_dict['has_failover_replica'] = raw_instance.get(
'failoverReplica', []) != []
instance_dict['is_failover_replica'] = raw_instance.get(
'masterInstanceName', '') != ''
# network interfaces
instance_dict['public_ip'] = None
instance_dict['private_ip'] = None
for address in raw_instance.get('ipAddresses', []):
if address['type'] == 'PRIMARY':
instance_dict['public_ip'] = address['ipAddress']
elif address['type'] == 'PRIVATE':
instance_dict['private_ip'] = address['ipAddress']
else:
print_exception(
'Unknown Cloud SQL instance IP address type: {}'.format(
address['type']))
return instance_dict['id'], instance_dict
async def get_policies(self, region: str):
try:
await self.cache_load_balancers(region)
for load_balancer in self.load_balancers_cache[region]:
load_balancer['policy_names'] = []
for listener_description in load_balancer[
'ListenerDescriptions']:
for policy_name in listener_description['PolicyNames']:
policy_id = get_non_provider_id(policy_name)
if policy_id not in self.policies_cache:
load_balancer['policy_names'].append(policy_name)
self.policies_cache.add(policy_id)
policies = await map_concurrently(
self._get_policies,
self.load_balancers_cache[region],
region=region)
# Because _get_policies returns a list, policies has to be flatten:
return [
policy for nested_policy in policies
for policy in nested_policy
]
except Exception as e:
print_exception(f'Failed to describe ELB policies: {e}')
return []
def _parse_instance(self, raw_instance):
instance_dict = {}
instance_dict['id'] = get_non_provider_id(raw_instance['name'])
instance_dict['project_id'] = self.project_id
instance_dict['name'] = raw_instance['name']
instance_dict['description'] = self._get_description(raw_instance)
instance_dict['creation_timestamp'] = raw_instance['creationTimestamp']
instance_dict['zone'] = raw_instance['zone'].split('/')[-1]
instance_dict['tags'] = raw_instance['tags']
instance_dict['status'] = raw_instance['status']
instance_dict['zone_url_'] = raw_instance['zone']
instance_dict['network_interfaces'] = raw_instance['networkInterfaces']
instance_dict['service_accounts'] = raw_instance['serviceAccounts']
instance_dict['deletion_protection_enabled'] = raw_instance[
'deletionProtection']
instance_dict[
'block_project_ssh_keys_enabled'] = self._is_block_project_ssh_keys_enabled(
raw_instance)
instance_dict['oslogin_enabled'] = self._is_oslogin_enabled(
raw_instance)
instance_dict['ip_forwarding_enabled'] = raw_instance['canIpForward']
instance_dict['serial_port_enabled'] = self._is_serial_port_enabled(
raw_instance)
instance_dict[
'has_full_access_cloud_apis'] = self._has_full_access_to_all_cloud_apis(
raw_instance)
instance_dict['disks'] = InstanceDisks(self.facade, raw_instance)
return instance_dict['id'], instance_dict
async def _parse_credential_reports(self, raw_credential_report):
raw_credential_report['id'] = get_non_provider_id(raw_credential_report['user'])
raw_credential_report['name'] = raw_credential_report['user']
raw_credential_report['password_enabled'] = raw_credential_report['password_enabled']
raw_credential_report['password_last_used'] = self._sanitize_date(raw_credential_report['password_last_used'])
raw_credential_report['password_last_changed'] =\
self._sanitize_date(raw_credential_report['password_last_changed'])
raw_credential_report['access_key_1_active'] = raw_credential_report['access_key_1_active']
raw_credential_report['access_key_1_last_used_date'] =\
self._sanitize_date(raw_credential_report['access_key_1_last_used_date'])
raw_credential_report['access_key_1_last_rotated'] = \
self._sanitize_date(raw_credential_report['access_key_1_last_rotated'])
raw_credential_report['access_key_2_active'] = raw_credential_report['access_key_2_active']
raw_credential_report['access_key_2_last_used_date'] =\
self._sanitize_date(raw_credential_report['access_key_2_last_used_date'])
raw_credential_report['access_key_2_last_rotated'] = \
self._sanitize_date(raw_credential_report['access_key_2_last_rotated'])
raw_credential_report['last_used'] = self._compute_last_used(raw_credential_report)
raw_credential_report['cert_1_active'] = raw_credential_report['cert_1_active']
raw_credential_report['cert_2_active'] = raw_credential_report['cert_2_active']
if raw_credential_report['mfa_active'] == 'true':
raw_credential_report['mfa_active_hardware'] = await \
self._user_has_hardware_mfa_devices(raw_credential_report['name'])
else:
raw_credential_report['mfa_active_hardware'] = False
return raw_credential_report['id'], raw_credential_report
def _parse_disk(self, raw_disk):
disk_dict = {}
disk_dict['id'] = get_non_provider_id(raw_disk.id)
disk_dict['unique_id'] = getattr(raw_disk, 'unique_id', None)
disk_dict['name'] = raw_disk.name
disk_dict['type'] = raw_disk.type
disk_dict['location'] = raw_disk.location
disk_dict['tags'] = raw_disk.tags
disk_dict['managed_by'] = raw_disk.managed_by
disk_dict['sku'] = raw_disk.sku
disk_dict['zones'] = raw_disk.zones
disk_dict['time_created'] = raw_disk.time_created
disk_dict['os_type'] = raw_disk.os_type
disk_dict['hyper_vgeneration'] = raw_disk.hyper_vgeneration
disk_dict['creation_data'] = raw_disk.creation_data
disk_dict['disk_size_gb'] = raw_disk.disk_size_gb
disk_dict['disk_size_bytes'] = getattr(raw_disk, 'disk_size_bytes',
None)
disk_dict['provisioning_state'] = raw_disk.provisioning_state
disk_dict['disk_iops_read_write'] = raw_disk.disk_iops_read_write
disk_dict['disk_mbps_read_write'] = raw_disk.disk_mbps_read_write
disk_dict['disk_state'] = raw_disk.disk_state
disk_dict['additional_properties'] = raw_disk.additional_properties
if hasattr(raw_disk, 'encryption'):
disk_dict['encryption_type'] = getattr(raw_disk.encryption, 'type',
None)
else:
disk_dict['encryption_type'] = None
return disk_dict['id'], disk_dict
async def _parse_cluster(self, raw_cluster):
cluster_dict = {}
cluster_dict['id'] = get_non_provider_id(raw_cluster['name'])
cluster_dict['name'] = raw_cluster['name']
cluster_dict['alias_ip_enabled'] = raw_cluster.get('ipAllocationPolicy', {}).get('useIpAliases', False)
cluster_dict['basic_authentication_enabled'] = self._is_basic_authentication_enabled(raw_cluster)
cluster_dict['client_certificate_enabled'] = self._is_client_certificate_enabled(raw_cluster)
cluster_dict['pod_security_policy_enabled'] = self._is_pod_security_policy_enabled(raw_cluster)
cluster_dict['dashboard_status'] = self._get_dashboard_status(raw_cluster)
cluster_dict['has_limited_scopes'] = self._has_limited_scopes(raw_cluster)
cluster_dict['image_type'] = raw_cluster.get('nodeConfig', {}).get('imageType', None)
cluster_dict['labels'] = raw_cluster.get('resourceLabels', [])
cluster_dict['has_labels'] = len(cluster_dict['labels']) > 0
cluster_dict['legacy_abac_enabled'] = raw_cluster.get('legacyAbac', {}).get('enabled', False)
cluster_dict['logging_enabled'] = self._is_logging_enabled(raw_cluster)
cluster_dict['master_authorized_networks_enabled'] = raw_cluster.get('masterAuthorizedNetworksConfig', {}).get('enabled', False)
cluster_dict['monitoring_enabled'] = self._is_monitoring_enabled(raw_cluster)
cluster_dict['network_policy_enabled'] = raw_cluster.get('networkPolicy', {}).get('enabled', False)
cluster_dict['node_pools'] = NodePools(raw_cluster)
cluster_dict['private_cluster_enabled'] = raw_cluster.get('privateClusterConfig', {}).get('enablePrivateNodes', False)
cluster_dict['private_ip_google_access_enabled'] = raw_cluster.get('privateIpGoogleAccess', False)
cluster_dict['scopes'] = self._get_scopes(raw_cluster)
cluster_dict['service_account'] = raw_cluster.get('nodeConfig', {}).get('serviceAccount', None)
cluster_dict['master_authorized_networks_config'] = self._get_master_authorized_networks_config(raw_cluster)
return cluster_dict['id'], cluster_dict
def _parse_alias(self, raw_alias):
alias_dict = {
# all KMS Aliases are prefixed with alias/, so we'll strip that off
'id': get_non_provider_id(raw_alias.get('AliasArn')),
'name': raw_alias.get('AliasName').split('alias/', 1)[-1],
'arn': raw_alias.get('AliasArn'),
'key_id': raw_alias.get('TargetKeyId')}
return alias_dict
def _parse_compliance_result(self, raw_compliance_result):
compliance_result_dict = {}
compliance_result_dict['id'] = get_non_provider_id(raw_compliance_result.id)
compliance_result_dict['name'] = raw_compliance_result.name
compliance_result_dict['type'] = raw_compliance_result.type
compliance_result_dict['resource_status'] = raw_compliance_result.resource_status
compliance_result_dict['additional_properties'] = raw_compliance_result.additional_properties
return compliance_result_dict['id'], compliance_result_dict
async def _parse_user(self, raw_user):
user = {}
user['identifier'] = raw_user.id
user['id'] = get_non_provider_id(raw_user.id)
user['name'] = raw_user.name
user['identifier'] = raw_user.id
user['mfa_activated'] = raw_user.is_mfa_activated
return user['id'], user
def _parse_identity(self, raw_identity):
identity_name, dkim_attributes = raw_identity
identity = {}
identity['name'] = identity_name
identity['DkimEnabled'] = dkim_attributes['DkimEnabled']
identity['DkimVerificationStatus'] = dkim_attributes['DkimVerificationStatus']
return get_non_provider_id(identity_name), identity
def _parse_key_vault(self, raw_vault):
vault = {}
vault['id'] = get_non_provider_id(raw_vault.id)
vault['name'] = raw_vault.name
vault['public_access_allowed'] = self._is_public_access_allowed(
raw_vault)
return vault['id'], vault
def _parse_domain(self, raw_domain):
domain_dict = {}
domain_dict['id'] = get_non_provider_id(raw_domain.get('DomainName'))
domain_dict['name'] = raw_domain.get('DomainName')
domain_dict['auto_renew'] = raw_domain.get('AutoRenew')
domain_dict['transfer_lock'] = raw_domain.get('TransferLock')
domain_dict['expiry'] = raw_domain.get('Expiry')
return domain_dict['id'], domain_dict
def _parse_parameter_group(self, raw_parameter_group):
raw_parameter_group['arn'] = raw_parameter_group.pop(
'DBParameterGroupArn')
raw_parameter_group['name'] = raw_parameter_group.pop(
'DBParameterGroupName')
raw_parameter_group['parameters'] = raw_parameter_group.pop(
'Parameters')
parameter_group_id = get_non_provider_id(raw_parameter_group['name'])
return parameter_group_id, raw_parameter_group
async def _parse_policy(self, raw_policy):
policy = {}
policy['id'] = get_non_provider_id(raw_policy.id)
policy['identifier'] = raw_policy.id
policy['name'] = raw_policy.name
policy['description'] = raw_policy.description
policy['statements'] = [s.lower() for s in raw_policy.statements]
policy['state'] = raw_policy.lifecycle_state
return policy['id'], policy
def _parse_parameter_group(self, raw_parameter_group):
parameter_group = {}
parameter_group['name'] = raw_parameter_group.get('ParameterGroupName')
parameter_group['id'] = get_non_provider_id(parameter_group['name'])
parameter_group['arn'] = format_arn(self.partition, self.service, self.region, self.facade.owner_id, raw_parameter_group.get('ParameterGroupName'), self.resource_type)
parameter_group['family'] = raw_parameter_group.get('ParameterGroupFamily')
parameter_group['description'] = raw_parameter_group.get('Description')
parameter_group['is_default'] = self._is_default(raw_parameter_group)
parameter_group['tags'] = raw_parameter_group.get('Tags')
return parameter_group['id'], parameter_group
