inventory

package
v0.0.0-...-6499515 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 21, 2026 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	AwsCloudProvider   = "aws"
	AzureCloudProvider = "azure"
	GcpCloudProvider   = "gcp"
)

Variables

View Source 
var (
	// AWS
	AssetClassificationAwsEc2Instance              = AssetClassification{CategoryHost, "AWS EC2 Instance"}
	AssetClassificationAwsElbV1                    = AssetClassification{CategoryLoadBalancer, "AWS Elastic Load Balancer"}
	AssetClassificationAwsElbV2                    = AssetClassification{CategoryLoadBalancer, "AWS Elastic Load Balancer v2"}
	AssetClassificationAwsIamPolicy                = AssetClassification{CategoryAccessManagement, "AWS IAM Policy"}
	AssetClassificationAwsIamRole                  = AssetClassification{CategoryServiceAccount, "AWS IAM Role"}
	AssetClassificationAwsIamUser                  = AssetClassification{CategoryIdentity, "AWS IAM User"}
	AssetClassificationAwsLambdaEventSourceMapping = AssetClassification{CategoryFaaS, "AWS Lambda Event Source Mapping"}
	AssetClassificationAwsLambdaFunction           = AssetClassification{CategoryFaaS, "AWS Lambda Function"}
	AssetClassificationAwsLambdaLayer              = AssetClassification{CategoryFaaS, "AWS Lambda Layer"}
	AssetClassificationAwsInternetGateway          = AssetClassification{CategoryGateway, "AWS Internet Gateway"}
	AssetClassificationAwsNatGateway               = AssetClassification{CategoryGateway, "AWS NAT Gateway"}
	AssetClassificationAwsNetworkAcl               = AssetClassification{CategoryNetworking, "AWS EC2 Network ACL"}
	AssetClassificationAwsNetworkInterface         = AssetClassification{CategoryNetworking, "AWS EC2 Network Interface"}
	AssetClassificationAwsSecurityGroup            = AssetClassification{CategoryFirewall, "AWS EC2 Security Group"}
	AssetClassificationAwsSubnet                   = AssetClassification{CategoryNetworking, "AWS EC2 Subnet"}
	AssetClassificationAwsTransitGateway           = AssetClassification{CategoryGateway, "AWS Transit Gateway"}
	AssetClassificationAwsTransitGatewayAttachment = AssetClassification{CategoryGateway, "AWS Transit Gateway Attachment"}
	AssetClassificationAwsVpcPeeringConnection     = AssetClassification{CategoryNetworking, "AWS VPC Peering Connection"}
	AssetClassificationAwsVpc                      = AssetClassification{CategoryNetworking, "AWS VPC"}
	AssetClassificationAwsRds                      = AssetClassification{CategoryDatabase, "AWS RDS Instance"}
	AssetClassificationAwsS3Bucket                 = AssetClassification{CategoryStorageBucket, "AWS S3 Bucket"}
	AssetClassificationAwsSnsTopic                 = AssetClassification{CategoryMessagingService, "AWS SNS Topic"}

	// Azure
	AssetClassificationAzureAppService           = AssetClassification{CategoryWebService, "Azure App Service"}
	AssetClassificationAzureContainerRegistry    = AssetClassification{CategoryContainerRegistry, "Azure Container Registry"}
	AssetClassificationAzureCosmosDBAccount      = AssetClassification{CategoryInfrastructure, "Azure Cosmos DB Account"}
	AssetClassificationAzureCosmosDBSQLDatabase  = AssetClassification{CategoryInfrastructure, "Azure Cosmos DB SQL Database"}
	AssetClassificationAzureDisk                 = AssetClassification{CategoryVolume, "Azure Disk"}
	AssetClassificationAzureElasticPool          = AssetClassification{CategoryDatabase, "Azure Elastic Pool"}
	AssetClassificationAzureEntraGroup           = AssetClassification{CategoryGroup, "Azure Microsoft Entra ID Group"}
	AssetClassificationAzureEntraUser            = AssetClassification{CategoryIdentity, "Azure Microsoft Entra ID User"}
	AssetClassificationAzureResourceGroup        = AssetClassification{CategoryAccessManagement, "Azure Resource Group"}
	AssetClassificationAzureRoleDefinition       = AssetClassification{CategoryAccessManagement, "Azure RoleDefinition"}
	AssetClassificationAzureSQLDatabase          = AssetClassification{CategoryDatabase, "Azure SQL Database"}
	AssetClassificationAzureSQLServer            = AssetClassification{CategoryDatabase, "Azure SQL Server"}
	AssetClassificationAzureServicePrincipal     = AssetClassification{CategoryServiceAccount, "Azure Principal"}
	AssetClassificationAzureSnapshot             = AssetClassification{CategorySnapshot, "Azure Snapshot"}
	AssetClassificationAzureStorageAccount       = AssetClassification{CategoryPrivateEndpoint, "Azure Storage Account"}
	AssetClassificationAzureStorageBlobContainer = AssetClassification{CategoryStorageBucket, "Azure Storage Blob Container"}
	AssetClassificationAzureStorageBlobService   = AssetClassification{CategoryServiceUsageTechnology, "Azure Storage Blob Service"}
	AssetClassificationAzureStorageFileService   = AssetClassification{CategoryFileSystemService, "Azure Storage File Service"}
	AssetClassificationAzureStorageFileShare     = AssetClassification{CategoryFileSystemService, "Azure Storage File Share"}
	AssetClassificationAzureStorageQueue         = AssetClassification{CategoryMessagingService, "Azure Storage Queue"}
	AssetClassificationAzureStorageQueueService  = AssetClassification{CategoryMessagingService, "Azure Storage Queue Service"}
	AssetClassificationAzureStorageTable         = AssetClassification{CategoryDatabase, "Azure Storage Table"}
	AssetClassificationAzureStorageTableService  = AssetClassification{CategoryServiceUsageTechnology, "Azure Storage Table Service"}
	AssetClassificationAzureSubscription         = AssetClassification{CategoryAccessManagement, "Azure Subscription"}
	AssetClassificationAzureTenant               = AssetClassification{CategoryAccessManagement, "Azure Tenant"}
	AssetClassificationAzureVirtualMachine       = AssetClassification{CategoryHost, "Azure Virtual Machine"}

	// GCP
	AssetClassificationGcpProject           = AssetClassification{CategoryAccount, "GCP Project"}
	AssetClassificationGcpOrganization      = AssetClassification{CategoryOrganization, "GCP Organization"}
	AssetClassificationGcpFolder            = AssetClassification{CategoryOrganization, "GCP Folder"}
	AssetClassificationGcpInstance          = AssetClassification{CategoryHost, "GCP Compute Instance"}
	AssetClassificationGcpBucket            = AssetClassification{CategoryStorageBucket, "GCP Bucket"}
	AssetClassificationGcpFirewall          = AssetClassification{CategoryFirewall, "GCP Firewall"}
	AssetClassificationGcpSubnet            = AssetClassification{CategorySubnet, "GCP Subnet"}
	AssetClassificationGcpServiceAccount    = AssetClassification{CategoryAccessManagement, "GCP Service Account"}
	AssetClassificationGcpServiceAccountKey = AssetClassification{CategoryAccessManagement, "GCP Service Account Key"}
	AssetClassificationGcpGkeCluster        = AssetClassification{CategoryOrchestrator, "GCP Kubernetes Engine (GKE) Cluster"}
	AssetClassificationGcpForwardingRule    = AssetClassification{CategoryLoadBalancer, "GCP Load Balancing Forwarding Rule"}
	AssetClassificationGcpIamRole           = AssetClassification{CategoryServiceUsageTechnology, "GCP IAM Role"}
	AssetClassificationGcpCloudFunction     = AssetClassification{CategoryFaaS, "GCP Cloud Function"}
	AssetClassificationGcpCloudRunService   = AssetClassification{CategoryContainerService, "GCP Cloud Run Service"}
	AssetClassificationGcpNetwork           = AssetClassification{CategoryNetworking, "GCP VPC Network"}
)

AssetClassifications below are used to generate 'internal/inventory/ASSETS.md'. Please keep formatting consistent.

Functions

This section is empty.

Types

type AssetClassification 

type AssetClassification struct {
	Category AssetType    `json:"type"`
	Type     AssetSubType `json:"sub_type"`
}

AssetClassification holds the taxonomy of an asset

type AssetEnricher 

type AssetEnricher func(asset *AssetEvent)

AssetEnricher functional builder function

func EmptyEnricher 

func EmptyEnricher() AssetEnricher

func WithCloud 

func WithCloud(cloud Cloud) AssetEnricher

func WithContainer 

func WithContainer(container Container) AssetEnricher

func WithFass 

func WithFass(fass Fass) AssetEnricher

func WithGroup 

func WithGroup(group Group) AssetEnricher

func WithHost 

func WithHost(host Host) AssetEnricher

func WithLabels 

func WithLabels(labels map[string]string) AssetEnricher

func WithLabelsFromAny 

func WithLabelsFromAny(labels map[string]any) AssetEnricher

func WithNetwork 

func WithNetwork(network Network) AssetEnricher

func WithOrchestrator 

func WithOrchestrator(orchestrator Orchestrator) AssetEnricher

func WithOrganization 

func WithOrganization(org Organization) AssetEnricher

func WithRawAsset 

func WithRawAsset(raw any) AssetEnricher

func WithRelatedAssetIds 

func WithRelatedAssetIds(ids []string) AssetEnricher

func WithTags 

func WithTags(tags []string) AssetEnricher

func WithURL 

func WithURL(url URL) AssetEnricher

func WithUser 

func WithUser(user User) AssetEnricher

type AssetEvent 

type AssetEvent struct {
	Entity       Entity
	Event        Event
	Cloud        *Cloud
	Container    *Container
	Fass         *Fass
	Group        *Group
	Host         *Host
	Network      *Network
	Orchestrator *Orchestrator
	Organization *Organization
	URL          *URL
	User         *User
	Labels       map[string]string
	Tags         []string
}

AssetEvent holds the whole asset

func NewAssetEvent 

func NewAssetEvent(c AssetClassification, id string, name string, enrichers ...AssetEnricher) AssetEvent

type AssetFetcher 

type AssetFetcher interface {
	Fetch(ctx context.Context, assetChannel chan<- AssetEvent)
}

type AssetInventory 

type AssetInventory struct {
	// contains filtered or unexported fields
}

func NewAssetInventory 

func NewAssetInventory(logger *clog.Logger, namespace string, fetchers []AssetFetcher, publisher AssetPublisher, now func() time.Time, period time.Duration) AssetInventory

func (*AssetInventory) Run 

func (a *AssetInventory) Run(ctx context.Context)

func (*AssetInventory) Stop 

func (a *AssetInventory) Stop()

type AssetPublisher 

type AssetPublisher interface {
	PublishAll([]beat.Event)
}

type AssetSubType 

type AssetSubType string

AssetSubType is used to build the document index.

type AssetType 

type AssetType string

AssetType is used to build the document index. 

const (
	CategoryAccessManagement       AssetType = "Access Management"
	CategoryAccount                AssetType = "Account"
	CategoryContainerRegistry      AssetType = "Container Registry"
	CategoryContainerService       AssetType = "Container Service"
	CategoryDatabase               AssetType = "Database"
	CategoryFaaS                   AssetType = "FaaS"
	CategoryFileSystemService      AssetType = "File System Service"
	CategoryFirewall               AssetType = "Firewall"
	CategoryGateway                AssetType = "Gateway"
	CategoryGroup                  AssetType = "Group"
	CategoryHost                   AssetType = "Host"
	CategoryIdentity               AssetType = "Identity"
	CategoryInfrastructure         AssetType = "Infrastructure"
	CategoryLoadBalancer           AssetType = "Load Balancer"
	CategoryMessagingService       AssetType = "Messaging Service"
	CategoryNetworking             AssetType = "Networking"
	CategoryOrchestrator           AssetType = "Orchestrator"
	CategoryOrganization           AssetType = "Organization"
	CategoryPrivateEndpoint        AssetType = "Private Endpoint"
	CategoryServiceAccount         AssetType = "Service Account"
	CategoryServiceUsageTechnology AssetType = "Service Usage Technology"
	CategorySnapshot               AssetType = "Snapshot"
	CategoryStorageBucket          AssetType = "Storage Bucket"
	CategorySubnet                 AssetType = "Subnet"
	CategoryVolume                 AssetType = "Volume"
	CategoryWebService             AssetType = "Web Service"
)

type Cloud 

type Cloud struct {
	Provider         string `json:"provider,omitempty"`
	Region           string `json:"region,omitempty"`
	AvailabilityZone string `json:"availability_zone,omitempty"`
	AccountID        string `json:"account.id,omitempty"`
	AccountName      string `json:"account.name,omitempty"`
	InstanceID       string `json:"instance.id,omitempty"`
	InstanceName     string `json:"instance.name,omitempty"`
	MachineType      string `json:"machine.type,omitempty"`
	ServiceName      string `json:"service.name,omitempty"`
	ProjectID        string `json:"project.id,omitempty"`
	ProjectName      string `json:"project.name,omitempty"`
}

type Container 

type Container struct {
	ID        string `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	ImageName string `json:"image.name,omitempty"`
}

type Entity 

type Entity struct {
	Id     string  `json:"id"`
	Name   string  `json:"name"`
	Source *string `json:"source"`
	Raw    *any    `json:"raw"`
	AssetClassification
	// contains filtered or unexported fields
}

Entity contains the identifiers of the asset

type Event 

type Event struct {
	Kind string `json:"kind"`
}

type Fass 

type Fass struct {
	Name    string `json:"name,omitempty"`
	Version string `json:"version,omitempty"`
}

type Group 

type Group struct {
	ID     string `json:"id,omitempty"`
	Name   string `json:"name,omitempty"`
	Domain string `json:"domain,omitempty"`
}

type Host 

type Host struct {
	ID           string   `json:"id,omitempty"`
	Name         string   `json:"name,omitempty"`
	Architecture string   `json:"architecture,omitempty"`
	Type         string   `json:"type,omitempty"`
	IP           string   `json:"ip,omitempty"`
	MacAddress   []string `json:"mac,omitempty"`
	Entity       *Entity  `json:"entity,omitempty"`
}

type MockAssetFetcher 

type MockAssetFetcher struct {
	mock.Mock
}

MockAssetFetcher is an autogenerated mock type for the AssetFetcher type

func NewMockAssetFetcher 

func NewMockAssetFetcher(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockAssetFetcher

NewMockAssetFetcher creates a new instance of MockAssetFetcher. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. The first argument is typically a *testing.T value.

func (*MockAssetFetcher) EXPECT 

func (_m *MockAssetFetcher) EXPECT() *MockAssetFetcher_Expecter

func (*MockAssetFetcher) Fetch 

func (_mock *MockAssetFetcher) Fetch(ctx context.Context, assetChannel chan<- AssetEvent)

Fetch provides a mock function for the type MockAssetFetcher

type MockAssetFetcher_Expecter 

type MockAssetFetcher_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockAssetFetcher_Expecter) Fetch 

func (_e *MockAssetFetcher_Expecter) Fetch(ctx interface{}, assetChannel interface{}) *MockAssetFetcher_Fetch_Call

Fetch is a helper method to define mock.On call

  • ctx context.Context
  • assetChannel chan<- AssetEvent

type MockAssetFetcher_Fetch_Call 

type MockAssetFetcher_Fetch_Call struct {
	*mock.Call
}

MockAssetFetcher_Fetch_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'Fetch'

func (*MockAssetFetcher_Fetch_Call) Return 

func (_c *MockAssetFetcher_Fetch_Call) Return() *MockAssetFetcher_Fetch_Call

func (*MockAssetFetcher_Fetch_Call) Run 

func (_c *MockAssetFetcher_Fetch_Call) Run(run func(ctx context.Context, assetChannel chan<- AssetEvent)) *MockAssetFetcher_Fetch_Call

func (*MockAssetFetcher_Fetch_Call) RunAndReturn 

func (_c *MockAssetFetcher_Fetch_Call) RunAndReturn(run func(ctx context.Context, assetChannel chan<- AssetEvent)) *MockAssetFetcher_Fetch_Call

type MockAssetPublisher 

type MockAssetPublisher struct {
	mock.Mock
}

MockAssetPublisher is an autogenerated mock type for the AssetPublisher type

func NewMockAssetPublisher 

func NewMockAssetPublisher(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockAssetPublisher

NewMockAssetPublisher creates a new instance of MockAssetPublisher. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. The first argument is typically a *testing.T value.

func (*MockAssetPublisher) EXPECT 

func (_m *MockAssetPublisher) EXPECT() *MockAssetPublisher_Expecter

func (*MockAssetPublisher) PublishAll 

func (_mock *MockAssetPublisher) PublishAll(events []beat.Event)

PublishAll provides a mock function for the type MockAssetPublisher

type MockAssetPublisher_Expecter 

type MockAssetPublisher_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockAssetPublisher_Expecter) PublishAll 

func (_e *MockAssetPublisher_Expecter) PublishAll(events interface{}) *MockAssetPublisher_PublishAll_Call

PublishAll is a helper method to define mock.On call

  • events []beat.Event

type MockAssetPublisher_PublishAll_Call 

type MockAssetPublisher_PublishAll_Call struct {
	*mock.Call
}

MockAssetPublisher_PublishAll_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'PublishAll'

func (*MockAssetPublisher_PublishAll_Call) Return 

func (_c *MockAssetPublisher_PublishAll_Call) Return() *MockAssetPublisher_PublishAll_Call

func (*MockAssetPublisher_PublishAll_Call) Run 

func (_c *MockAssetPublisher_PublishAll_Call) Run(run func(events []beat.Event)) *MockAssetPublisher_PublishAll_Call

func (*MockAssetPublisher_PublishAll_Call) RunAndReturn 

func (_c *MockAssetPublisher_PublishAll_Call) RunAndReturn(run func(events []beat.Event)) *MockAssetPublisher_PublishAll_Call

type Network 

type Network struct {
	Name      string `json:"name,omitempty"`
	Direction string `json:"direction,omitempty"`
	Type      string `json:"type,omitempty"`
}

type Orchestrator 

type Orchestrator struct {
	ClusterID   string `json:"cluster.id,omitempty"`
	ClusterName string `json:"cluster.name,omitempty"`
	Type        string `json:"type,omitempty"`
}

type Organization 

type Organization struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
}

type URL 

type URL struct {
	Full string `json:"full"`
}

type User 

type User struct {
	ID     string   `json:"id,omitempty"`
	Name   string   `json:"name,omitempty"`
	Email  string   `json:"email,omitempty"`
	Roles  []string `json:"roles,omitempty"`
	Entity *Entity  `json:"entity,omitempty"`
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.