

Implement related.entity on CSPM (#2397)
* Add entity.id to findings events

* Change to `related.entities`

* Add test verification that related field is present

* Change to `related.entity`
romulets authored Aug 8, 2024
1 parent 229a005 commit 21ed3ca
Showing 27 changed files with 203 additions and 13 deletions.
9 changes: 7 additions & 2 deletions internal/evaluator/opa_test.go
Expand Up @@ -36,15 +36,20 @@ import (
"github.com/elastic/cloudbeat/internal/resources/utils/testhelper"
)

type DummyResource struct {
}
type DummyResource struct{}

func (d *DummyResource) GetMetadata() (fetching.ResourceMetadata, error) {
return fetching.ResourceMetadata{}, nil
}

func (d *DummyResource) GetData() any {
return d
}

func (d *DummyResource) GetIds() []string {
return nil
}

func (d *DummyResource) GetElasticCommonData() (map[string]any, error) {
return nil, nil
}
1 change: 1 addition & 0 deletions internal/resources/fetching/fetcher.go
Expand Up @@ -137,6 +137,7 @@ type Resource interface {
GetMetadata() (ResourceMetadata, error)
GetData() any
GetElasticCommonData() (map[string]any, error)
GetIds() []string
}

type ResourceFields struct {
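Review bot: The new `GetIds() []string` method on the Resource interface carries no doc comment, and the many implementations added in this commit consequently guess the contract differently (some return nil, some `[]string{}`, some can include empty strings). State it once on the interface so implementers and the emitter agree, e.g. `// GetIds returns the identifiers under which this resource is correlated with other events (emitted as related.entity). Implementations omit empty values and may return nil when the resource has none.` The field name is taken from the commit title; adjust if the emitter uses a different one. The Resource interface begins outside the hunk.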
5 changes: 5 additions & 0 deletions internal/resources/fetching/fetchers/aws/ecr_fetcher.go
Expand Up @@ -31,6 +31,7 @@ import (
"github.com/elastic/cloudbeat/internal/resources/fetching"
"github.com/elastic/cloudbeat/internal/resources/fetching/cycle"
"github.com/elastic/cloudbeat/internal/resources/providers/awslib/ecr"
"github.com/elastic/cloudbeat/internal/resources/utils/pointers"
)

const (
Expand Down Expand Up @@ -126,6 +127,10 @@ func (res EcrResource) GetData() any {
return res
}

func (res EcrResource) GetIds() []string {
return []string{pointers.Deref(res.RepositoryArn), pointers.Deref(res.RegistryId)}
}

func (res EcrResource) GetMetadata() (fetching.ResourceMetadata, error) {
if res.RepositoryArn == nil || res.RepositoryName == nil {
return fetching.ResourceMetadata{}, errors.New("received nil pointer")
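Review bot: The new `GetIds()` can emit empty strings, because `pointers.Deref` on a nil `RepositoryArn` or `RegistryId` presumably yields `""`, while `GetMetadata()` directly below refuses a nil `RepositoryArn` with an error. An empty identifier written into related.entity would make unrelated findings match each other when that field is searched, so empty values should be dropped before returning. The same concern applies to `IAMResource.GetIds()` in iam_fetcher.go, where `GetResourceArn()` can return `""` (its own `GetMetadata()` checks for exactly that). A filtered version, assuming the two fields are `*string`:
```go
func (res EcrResource) GetIds() []string {
	var ids []string
	for _, p := range []*string{res.RepositoryArn, res.RegistryId} {
		if p != nil && *p != "" {
			ids = append(ids, *p)
		}
	}
	return ids
}
```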
14 changes: 11 additions & 3 deletions internal/resources/fetching/fetchers/aws/elb_fetcher.go
Expand Up @@ -111,16 +111,24 @@ func (r ElbResource) GetMetadata() (fetching.ResourceMetadata, error) {
if r.lb.LoadBalancerName == nil {
return fetching.ResourceMetadata{}, errors.New("received nil pointer")
}

return fetching.ResourceMetadata{
// A compromise because aws-sdk do not return an arn for an Elb
ID: fmt.Sprintf("%s-%s", r.identity.Account, *r.lb.LoadBalancerName),
ID: r.buildId(),
Type: fetching.CloudLoadBalancer,
SubType: fetching.ElbType,
Name: *r.lb.LoadBalancerName,
}, nil
}

// buildId A compromise because aws-sdk do not return an arn for an Elb
func (r ElbResource) buildId() string {
id := fmt.Sprintf("%s-%s", r.identity.Account, *r.lb.LoadBalancerName)
return id
}

func (r ElbResource) GetIds() []string {
return []string{r.buildId()}
}

func (ElbResource) GetElasticCommonData() (map[string]any, error) {
return map[string]any{
"cloud.service.name": "ELB",
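Review bot: The new `GetIds()` calls `buildId()`, which dereferences `*r.lb.LoadBalancerName` without the nil check that `GetMetadata()` performs before calling it, so a resource with a nil name now panics on the `GetIds()` path instead of producing the existing "received nil pointer" error. Guard it at the call site: `if r.lb.LoadBalancerName == nil { return nil }`. Separately, Go keeps initialisms uniform, so `buildId` would conventionally be `buildID`, and its doc comment should open with the name as a sentence, e.g. `// buildID composes the ELB identifier from account and name because aws-sdk returns no ARN for an ELB.`; the same helper name is introduced in the azure network watcher and the gcp fetchers in this commit. `GetElasticCommonData` continues outside the hunk.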
4 changes: 4 additions & 0 deletions internal/resources/fetching/fetchers/aws/iam_fetcher.go
Expand Up @@ -115,6 +115,10 @@ func (r IAMResource) GetData() any {
return r.AwsResource
}

func (r IAMResource) GetIds() []string {
return []string{r.GetResourceArn(), r.identity.Account}
}

func (r IAMResource) GetMetadata() (fetching.ResourceMetadata, error) {
identifier := r.GetResourceArn()
if identifier == "" {
4 changes: 4 additions & 0 deletions internal/resources/fetching/fetchers/aws/kms_fetcher.go
Expand Up @@ -84,6 +84,10 @@ func (r KmsResource) GetMetadata() (fetching.ResourceMetadata, error) {
}, nil
}

func (r KmsResource) GetIds() []string {
return []string{r.key.GetResourceArn()}
}

func (r KmsResource) GetElasticCommonData() (map[string]any, error) {
m := map[string]any{
"cloud.service.name": "KMS",
12 changes: 12 additions & 0 deletions internal/resources/fetching/fetchers/aws/logging_fetcher.go
Expand Up @@ -100,6 +100,13 @@ func (r LoggingResource) GetData() any {
return r.AwsResource
}

func (r LoggingResource) GetIds() []string {
return []string{
r.GetResourceArn(),
r.GetResourceName(), // trail names are unique and at times the unique identifier present in logs
}
}

func (r LoggingResource) GetMetadata() (fetching.ResourceMetadata, error) {
return fetching.ResourceMetadata{
ID: r.GetResourceArn(),
Expand All @@ -109,6 +116,7 @@ func (r LoggingResource) GetMetadata() (fetching.ResourceMetadata, error) {
Region: r.GetRegion(),
}, nil
}

func (r LoggingResource) GetElasticCommonData() (map[string]any, error) {
return map[string]any{
"cloud.service.name": "CloudTrail",
Expand All @@ -129,4 +137,8 @@ func (c ConfigResource) GetData() any {
return c.configs
}

func (c ConfigResource) GetIds() []string {
return []string{}
}

func (c ConfigResource) GetElasticCommonData() (map[string]any, error) { return nil, nil }
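Review bot: `ConfigResource.GetIds()` at the end of this section returns `[]string{}`, while `FSResource`, `K8sResource`, `ProcResource` and the test `DummyResource` return nil for the same "no identifiers" case, and `MonitoringResource` in the next section again returns `[]string{}`. The two values serialize differently (nil encodes as `null`, an empty slice as `[]`) and behave differently under `== nil`, so whichever the consumer of related.entity expects should be used consistently across implementations; if either is acceptable, `return nil` is the idiomatic choice. In `LoggingResource.GetIds()` the inline comment explaining why the trail name is included is useful and could be kept as the model for the other implementations.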
Expand Up @@ -94,6 +94,10 @@ func (r MonitoringResource) GetData() any {
return r
}

func (r MonitoringResource) GetIds() []string {
return []string{}
}

func (r MonitoringResource) GetMetadata() (fetching.ResourceMetadata, error) {
id := fmt.Sprintf("cloudtrail-%s", r.identity.Account)
return fetching.ResourceMetadata{
Expand All @@ -110,6 +114,10 @@ func (s SecurityHubResource) GetData() any {
return s
}

func (s SecurityHubResource) GetIds() []string {
return []string{s.GetResourceArn()}
}

func (s SecurityHubResource) GetMetadata() (fetching.ResourceMetadata, error) {
return fetching.ResourceMetadata{
ID: s.GetResourceArn(),
4 changes: 4 additions & 0 deletions internal/resources/fetching/fetchers/aws/network_fetcher.go
Expand Up @@ -73,6 +73,10 @@ func (r NetworkResource) GetData() any {
return r.AwsResource
}

func (r NetworkResource) GetIds() []string {
return []string{r.GetResourceArn()}
}

func (r NetworkResource) GetMetadata() (fetching.ResourceMetadata, error) {
identifier := r.GetResourceArn()
return fetching.ResourceMetadata{
4 changes: 4 additions & 0 deletions internal/resources/fetching/fetchers/aws/rds_fetcher.go
Expand Up @@ -75,6 +75,10 @@ func (r RdsResource) GetData() any {
return r.dbInstance
}

func (r RdsResource) GetIds() []string {
return []string{r.dbInstance.GetResourceArn()}
}

func (r RdsResource) GetMetadata() (fetching.ResourceMetadata, error) {
return fetching.ResourceMetadata{
ID: r.dbInstance.GetResourceArn(),
4 changes: 4 additions & 0 deletions internal/resources/fetching/fetchers/aws/s3_fetcher.go
Expand Up @@ -72,6 +72,10 @@ func (r S3Resource) GetData() any {
return r.bucket
}

func (r S3Resource) GetIds() []string {
return []string{r.bucket.GetResourceArn()}
}

func (r S3Resource) GetMetadata() (fetching.ResourceMetadata, error) {
return fetching.ResourceMetadata{
ID: r.bucket.GetResourceArn(),
4 changes: 4 additions & 0 deletions internal/resources/fetching/fetchers/azure/assets_fetcher.go
Expand Up @@ -174,6 +174,10 @@ func (r *AzureResource) GetMetadata() (fetching.ResourceMetadata, error) {
}, nil
}

func (r *AzureResource) GetIds() []string {
return []string{r.Asset.Id}
}

func (r *AzureResource) GetElasticCommonData() (map[string]any, error) {
m := map[string]any{}

6 changes: 6 additions & 0 deletions internal/resources/fetching/fetchers/azure/batch_fetcher.go
Expand Up @@ -124,6 +124,12 @@ func (r *AzureBatchResource) GetData() any {
return r.Assets
}

func (r *AzureBatchResource) GetIds() []string {
return lo.Map(r.Assets, func(item inventory.AzureAsset, _ int) string {
return item.Id
})
}

func (r *AzureBatchResource) GetMetadata() (fetching.ResourceMetadata, error) {
// Assuming all batch in not empty includes assets of the same subscription
id := fmt.Sprintf("%s-%s", r.SubType, r.Subscription.ShortID)
Expand Up @@ -115,7 +115,7 @@ type NetworkWatchersBatchedByLocationResource struct {
}

func (r *NetworkWatchersBatchedByLocationResource) GetMetadata() (fetching.ResourceMetadata, error) {
id := fmt.Sprintf("%s-%s-%s", r.SubType, r.Location.Name, r.Subscription.ShortID)
id := r.buildId()
return fetching.ResourceMetadata{
ID: id,
Name: id,
Expand All @@ -126,10 +126,19 @@ func (r *NetworkWatchersBatchedByLocationResource) GetMetadata() (fetching.Resou
}, nil
}

func (r *NetworkWatchersBatchedByLocationResource) buildId() string {
id := fmt.Sprintf("%s-%s-%s", r.SubType, r.Location.Name, r.Subscription.ShortID)
return id
}

func (r *NetworkWatchersBatchedByLocationResource) GetData() any {
return r
}

func (r *NetworkWatchersBatchedByLocationResource) GetIds() []string {
return []string{r.buildId()}
}

func (r *NetworkWatchersBatchedByLocationResource) GetElasticCommonData() (map[string]any, error) {
return nil, nil
}
4 changes: 4 additions & 0 deletions internal/resources/fetching/fetchers/gcp/assets_fetcher.go
Expand Up @@ -131,6 +131,10 @@ func (r *GcpAsset) GetData() any {
return r.ExtendedAsset.Asset
}

func (r *GcpAsset) GetIds() []string {
return []string{r.ExtendedAsset.Name}
}

func (r *GcpAsset) GetMetadata() (fetching.ResourceMetadata, error) {
var region string

10 changes: 9 additions & 1 deletion internal/resources/fetching/fetchers/gcp/log_sink_fetcher.go
Expand Up @@ -82,7 +82,7 @@ func (f *GcpLogSinkFetcher) Stop() {
}

func (g *GcpLoggingAsset) GetMetadata() (fetching.ResourceMetadata, error) {
id := fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)
id := g.buildId()
return fetching.ResourceMetadata{
ID: id,
Type: g.Type,
Expand All @@ -93,10 +93,18 @@ func (g *GcpLoggingAsset) GetMetadata() (fetching.ResourceMetadata, error) {
}, nil
}

func (g *GcpLoggingAsset) buildId() string {
return fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)
}

func (g *GcpLoggingAsset) GetData() any {
return g.Asset
}

func (g *GcpLoggingAsset) GetIds() []string {
return []string{g.buildId()}
}

func (g *GcpLoggingAsset) GetElasticCommonData() (map[string]any, error) {
return nil, nil
}
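Review bot: The `buildId()` helper added here has the same body as the ones added to `GcpMonitoringAsset`, `GcpPoliciesAsset` and `GcpServiceUsageAsset` in this commit (`fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)`), and the policies variant spells it with an extra `id :=` temporary. If these asset types share an embedded struct or accessor (not visible in the hunk), one package-level helper would remove the four copies; otherwise at least write them identically, as `return fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)`. The helper also lacks a doc comment; `// buildId derives the asset identifier from its subtype and GCP account id.` would do.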
10 changes: 9 additions & 1 deletion internal/resources/fetching/fetchers/gcp/monitoring_fetcher.go
Expand Up @@ -87,7 +87,7 @@ func (f *GcpMonitoringFetcher) Stop() {
}

func (g *GcpMonitoringAsset) GetMetadata() (fetching.ResourceMetadata, error) {
id := fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)
id := g.buildId()
return fetching.ResourceMetadata{
ID: id,
Type: g.Type,
Expand All @@ -98,10 +98,18 @@ func (g *GcpMonitoringAsset) GetMetadata() (fetching.ResourceMetadata, error) {
}, nil
}

func (g *GcpMonitoringAsset) buildId() string {
return fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)
}

func (g *GcpMonitoringAsset) GetData() any {
return g.Asset
}

func (g *GcpMonitoringAsset) GetIds() []string {
return []string{g.buildId()}
}

func (g *GcpMonitoringAsset) GetElasticCommonData() (map[string]any, error) {
return nil, nil
}
11 changes: 10 additions & 1 deletion internal/resources/fetching/fetchers/gcp/policies_fetcher.go
Expand Up @@ -81,7 +81,7 @@ func (f *GcpPoliciesFetcher) Stop() {
}

func (g *GcpPoliciesAsset) GetMetadata() (fetching.ResourceMetadata, error) {
id := fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)
id := g.buildId()
return fetching.ResourceMetadata{
ID: id,
Type: g.Type,
Expand All @@ -92,10 +92,19 @@ func (g *GcpPoliciesAsset) GetMetadata() (fetching.ResourceMetadata, error) {
}, nil
}

func (g *GcpPoliciesAsset) buildId() string {
id := fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)
return id
}

func (g *GcpPoliciesAsset) GetData() any {
return g.Asset.Policies
}

func (g *GcpPoliciesAsset) GetIds() []string {
return []string{g.buildId()}
}

func (g *GcpPoliciesAsset) GetElasticCommonData() (map[string]any, error) {
return nil, nil
}
Expand Up @@ -82,7 +82,7 @@ func (f *GcpServiceUsageFetcher) Stop() {
}

func (g *GcpServiceUsageAsset) GetMetadata() (fetching.ResourceMetadata, error) {
id := fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)
id := g.buildId()
return fetching.ResourceMetadata{
ID: id,
Type: g.Type,
Expand All @@ -93,10 +93,18 @@ func (g *GcpServiceUsageAsset) GetMetadata() (fetching.ResourceMetadata, error)
}, nil
}

func (g *GcpServiceUsageAsset) buildId() string {
return fmt.Sprintf("%s-%s", g.subType, g.Asset.CloudAccount.AccountId)
}

func (g *GcpServiceUsageAsset) GetData() any {
return g.Asset
}

func (g *GcpServiceUsageAsset) GetIds() []string {
return []string{g.buildId()}
}

func (g *GcpServiceUsageAsset) GetElasticCommonData() (map[string]any, error) {
return nil, nil
}
Expand Up @@ -182,6 +182,10 @@ func (r FSResource) GetData() any {
return r.EvalResource
}

func (r FSResource) GetIds() []string {
return nil
}

func (r FSResource) GetElasticCommonData() (map[string]any, error) {
m := map[string]any{}

4 changes: 4 additions & 0 deletions internal/resources/fetching/fetchers/k8s/kube_provider.go
Expand Up @@ -72,6 +72,10 @@ func (r K8sResource) GetData() any {
return r.Data
}

func (r K8sResource) GetIds() []string {
return nil
}

func (r K8sResource) GetMetadata() (fetching.ResourceMetadata, error) {
k8sObj := reflect.Indirect(reflect.ValueOf(r.Data))
k8sObjMeta := getK8sObjectMeta(r.log, k8sObj)
4 changes: 4 additions & 0 deletions internal/resources/fetching/fetchers/k8s/process_fetcher.go
Expand Up @@ -279,6 +279,10 @@ func (res ProcResource) GetData() any {
return res.EvalResource
}

func (res ProcResource) GetIds() []string {
return nil
}

func (res ProcResource) GetMetadata() (fetching.ResourceMetadata, error) {
return fetching.ResourceMetadata{
ID: res.EvalResource.PID + res.EvalResource.Stat.StartTime,