✨ Add disk encryption key to GCP compute disks (#795)
```typescript
./cnquery run gcp -c "gcp.project.compute.disks{name diskEncryptionKey}"                                                                                                                                                   
→ discover related assets for 1 asset(s)
→ resolved assets resolved-assets=1
gcp.project.compute.disks: [
  0: {
    diskEncryptionKey: {}
    name: "gke-mondoo-gke-cluster-2-generic-pool-738078cc-1bdm"
  }
  1: {
    diskEncryptionKey: {}
    name: "gke-mondoo-gke-cluster-2-generic-pool-738078cc-fhgp"
  }
  2: {
    diskEncryptionKey: {}
    name: "test-other-zone"
  }
]
```

Signed-off-by: Ivan Milchev <[email protected]>
imilchev authored Jan 17, 2023
1 parent aeb0322 commit 87da1d5
Showing 5 changed files with 46 additions and 2 deletions.
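--- a/resources/packs/gcp/compute.go
+++ b/resources/packs/gcp/compute.go
@@ -676,6 +676,17 @@ func (g *mqlGcpProjectComputeService) GetDisks() ([]interface{}, error) {
 guestOsFeatures = append(guestOsFeatures, entry.Type)
 }
 
+var mqlDiskEnc map[string]interface{}
+if disk.DiskEncryptionKey != nil {
+mqlDiskEnc = map[string]interface{}{
+"kmsKeyName": disk.DiskEncryptionKey.KmsKeyName,
+"kmsKeyServiceAccount": disk.DiskEncryptionKey.KmsKeyServiceAccount,
+"rawKey": disk.DiskEncryptionKey.RawKey,
+"rsaEncryptedKey": disk.DiskEncryptionKey.RsaEncryptedKey,
+"sha256": disk.DiskEncryptionKey.Sha256,
+}
+}
+
 mqlDisk, err := g.MotorRuntime.CreateResource("gcp.project.computeService.disk",
 "id", strconv.FormatUint(disk.Id, 10),
 "name", disk.Name,
@@ -701,6 +712,7 @@ func (g *mqlGcpProjectComputeService) GetDisks() ([]interface{}, error) {
 "status", disk.Status,
 "zone", zone,
 "created", parseTime(disk.CreationTimestamp),
+"diskEncryptionKey", mqlDiskEnc,
 )
 if err != nil {
 return err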
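Review bot: The new `mqlDiskEnc` map in the first hunk copies `rawKey` and `rsaEncryptedKey` from `disk.DiskEncryptionKey` into the resource, so any key material the API returns in those fields would end up in query output, stored scan results and reports. As far as I know the Compute API normally returns only `sha256` for customer-supplied keys, so the two fields are probably empty in practice, but an inventory tool has no use for them and is safer not carrying them at all. I would drop the `"rawKey": ...` and `"rsaEncryptedKey": ...` entries and keep `kmsKeyName`, `kmsKeyServiceAccount` and `sha256`, which should be enough to tell Google-managed, CMEK and CSEK disks apart. GetDisks starts and ends outside both hunks, so how the resource is serialized or cached downstream is not visible here.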
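--- a/resources/packs/gcp/gcp.lr
+++ b/resources/packs/gcp/gcp.lr
@@ -341,6 +341,8 @@ private gcp.project.computeService.disk @defaults("name") {
 zone gcp.project.computeService.zone
 // Creation timestamp
 created time
+// Disk encryption key
+diskEncryptionKey dict
 }
 
 // GCP Compute Attached Disk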
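Review bot: The `diskEncryptionKey` field is declared as an untyped `dict`, and its comment `// Disk encryption key` does not say which keys the dict holds, so query authors have to read compute.go to find them. I would expand the comment to something like `// Disk encryption key settings (dict keys: kmsKeyName, kmsKeyServiceAccount, sha256)`, listing whichever keys the Go side actually populates. The resource definition begins above the hunk, so I cannot tell whether other dict fields in it follow a documented convention.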
30 changes: 30 additions & 0 deletions resources/packs/gcp/gcp.lr.go


2 changes: 1 addition & 1 deletion resources/packs/gcp/info/gcp.lr.json


2 changes: 1 addition & 1 deletion resources/packs/k8s/k8s.lr.go

