Skip to content

Commit 0a912c0

Browse files
alphadev4alphadev4
authored
Merge branch 'master' into settingCheckENI
2 parents 61e87df + f809ec3 commit 0a912c0

File tree

112 files changed

+9725
-46
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

112 files changed

+9725
-46
lines changed

collectors/google/collector.js

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,9 @@ var tertiarycalls = apiCalls.tertiarycalls;
3030

3131
var specialcalls = apiCalls.specialcalls;
3232

33+
var additionalCalls = apiCalls.additionalCalls;
34+
35+
3336
var collect = function(GoogleConfig, settings, callback) {
3437
var collection = {};
3538

@@ -175,6 +178,38 @@ var collect = function(GoogleConfig, settings, callback) {
175178
}
176179
});
177180
},
181+
function(cb) {
182+
async.eachOfLimit(additionalCalls, 10, function(additionalCallObj, service, additionalCallCb) {
183+
helpers.processCall(GoogleConfig, collection, settings, regions, additionalCallObj, service, client, function() {
184+
if (settings.identifier && additionalCalls[service].sendIntegration && additionalCalls[service].sendIntegration.enabled) {
185+
if (!additionalCalls[service].sendIntegration.integrationReliesOn) {
186+
integrationCall(collection, settings, service, [], [additionalCalls], function() {
187+
additionalCallCb();
188+
});
189+
} else {
190+
services.push(service);
191+
additionalCallCb();
192+
}
193+
} else {
194+
additionalCallCb();
195+
}
196+
});
197+
}, function() {
198+
if (settings.identifier) {
199+
async.each(services, function(serv, callB) {
200+
integrationCall(collection, settings, serv, [], [additionalCalls], callB);
201+
}, function(err) {
202+
if (err) {
203+
console.log(err);
204+
}
205+
services = [];
206+
cb();
207+
});
208+
} else {
209+
cb();
210+
}
211+
});
212+
},
178213
function(cb) {
179214
async.eachOfLimit(specialcalls, 10, function(specialCallObj, service, specialCallCb) {
180215
async.eachOfLimit(specialCallObj, 10, function(subCallObj, one, subCallCb) {

exports.js

Lines changed: 52 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,11 @@ module.exports = {
5252
'workgroupEncrypted' : require(__dirname + '/plugins/aws/athena/workgroupEncrypted.js'),
5353
'workgroupEnforceConfiguration' : require(__dirname + '/plugins/aws/athena/workgroupEnforceConfiguration.js'),
5454

55+
'customModelInVpc' :require(__dirname + '/plugins/aws/bedrock/customModelInVpc.js'),
56+
'privateCustomModel' :require(__dirname + '/plugins/aws/bedrock/privateCustomModel.js'),
57+
'modelInvocationLoggingEnabled' :require(__dirname + '/plugins/aws/bedrock/modelInvocationLoggingEnabled.js'),
58+
'customModelEncrypted' :require(__dirname + '/plugins/aws/bedrock/customModelEncryptionEnabled.js'),
59+
5560
'infraConfigNotificationEnabled': require(__dirname + '/plugins/aws/imagebuilder/infraConfigNotificationEnabled.js'),
5661
'publicS3Origin' : require(__dirname + '/plugins/aws/cloudfront/publicS3Origin.js'),
5762
'secureOrigin' : require(__dirname + '/plugins/aws/cloudfront/secureOrigin.js'),
@@ -692,6 +697,7 @@ module.exports = {
692697
'minimumTlsVersion' : require(__dirname + '/plugins/azure/redisCache/minimumTlsVersion.js'),
693698
'sslAccessOnlyEnabled' : require(__dirname + '/plugins/azure/redisCache/sslAccessOnlyEnabled.js'),
694699
'redisCacheHasTags' : require(__dirname + '/plugins/azure/redisCache/redisCacheHasTags.js'),
700+
'redisCachePrivateEndpoint' : require(__dirname + '/plugins/azure/redisCache/redisCachePrivateEndpoint.js'),
695701

696702
'multipleSubnets' : require(__dirname + '/plugins/azure/virtualnetworks/multipleSubnets.js'),
697703
'ddosStandardProtectionEnabled' : require(__dirname + '/plugins/azure/virtualnetworks/ddosStandardProtectionEnabled.js'),
@@ -746,6 +752,10 @@ module.exports = {
746752
'snapshotByokEncryptionEnabled' : require(__dirname + '/plugins/azure/virtualmachines/snapshotByokEncryptionEnabled.js'),
747753
'systemAssignedIdentityEnabled' : require(__dirname + '/plugins/azure/virtualmachines/systemAssignedIdentityEnabled.js'),
748754
'vmWindowsAntiMalwareExtension' : require(__dirname + '/plugins/azure/virtualmachines/vmWindowsAntiMalwareExtension.js'),
755+
'vmSecurityType' : require(__dirname + '/plugins/azure/virtualmachines/vmSecurityType.js'),
756+
'vmVTPMEnabled' : require(__dirname + '/plugins/azure/virtualmachines/vmVTPMEnabled.js'),
757+
'vmSecureBootEnabled' : require(__dirname + '/plugins/azure/virtualmachines/vmSecureBootEnabled.js'),
758+
'vmDiskDeleteConfig' : require(__dirname + '/plugins/azure/virtualmachines/vmDiskDeleteConfig.js'),
749759

750760
'bastionHostExists' : require(__dirname + '/plugins/azure/bastion/bastionHostExists.js'),
751761

@@ -806,6 +816,7 @@ module.exports = {
806816
'logRetentionDays' : require(__dirname + '/plugins/azure/postgresqlserver/logRetentionDays.js'),
807817
'connectionThrottlingEnabled' : require(__dirname + '/plugins/azure/postgresqlserver/connectionThrottlingEnabled.js'),
808818
'logDurationEnabled' : require(__dirname + '/plugins/azure/postgresqlserver/logDurationEnabled.js'),
819+
'postgresqlCMKEncrypted' : require(__dirname + '/plugins/azure/postgresqlserver/postgresqlCMKEncrypted.js'),
809820
'logDisconnectionsEnabled' : require(__dirname + '/plugins/azure/postgresqlserver/logDisconnectionsEnabled.js'),
810821
'logConnectionsEnabled' : require(__dirname + '/plugins/azure/postgresqlserver/logConnectionsEnabled.js'),
811822
'logCheckpointsEnabled' : require(__dirname + '/plugins/azure/postgresqlserver/logCheckpointsEnabled.js'),
@@ -815,7 +826,13 @@ module.exports = {
815826
'geoRedundantBackupEnabled' : require(__dirname + '/plugins/azure/postgresqlserver/geoRedundantBackupEnabled.js'),
816827
'postgresqlServerHasTags' : require(__dirname + '/plugins/azure/postgresqlserver/postgresqlServerHasTags.js'),
817828
'postgresqlInfraDoubleEncryption': require(__dirname + '/plugins/azure/postgresqlserver/postgresqlInfraDoubleEncryption.js'),
829+
'postgresqlPrivateEndpoints' : require(__dirname + '/plugins/azure/postgresqlserver/postgresqlPrivateEndpoints.js'),
818830
'azureServicesAccessDisabled' : require(__dirname + '/plugins/azure/postgresqlserver/azureServicesAccessDisabled.js'),
831+
'postgresqlTlsVersion' : require(__dirname + '/plugins/azure/postgresqlserver/postgresqlTlsVersion.js'),
832+
'flexibleServerPrivateAccess' : require(__dirname + '/plugins/azure/postgresqlserver/flexibleServerPrivateAccess'),
833+
'diagnosticLoggingEnabled' : require(__dirname + '/plugins/azure/postgresqlserver/diagnosticLoggingEnabled.js'),
834+
'flexibleServerSCRAMEnabled' : require(__dirname + '/plugins/azure/postgresqlserver/flexibleServerSCRAMEnabled.js'),
835+
'flexibleServerDiagnosticLogs' : require(__dirname + '/plugins/azure/postgresqlserver/flexibleServerDiagnosticLogs.js'),
819836

820837
'openOracleAutoDataWarehouse' : require(__dirname + '/plugins/azure/networksecuritygroups/openOracleAutoDataWarehouse.js'),
821838
'networkWatcherEnabled' : require(__dirname + '/plugins/azure/networksecuritygroups/networkWatcherEnabled.js'),
@@ -883,6 +900,8 @@ module.exports = {
883900
'sqlServerRecurringScans' : require(__dirname + '/plugins/azure/sqlserver/sqlServerRecurringScans.js'),
884901
'sqlServerSendScanReports' : require(__dirname + '/plugins/azure/sqlserver/sqlServerSendScanReports.js'),
885902
'sqlServerHasTags' : require(__dirname + '/plugins/azure/sqlserver/sqlServerHasTags.js'),
903+
'restrictOutboundNetworking' : require(__dirname + '/plugins/azure/sqlserver/restrictOutboundNetworking.js'),
904+
'auditOperationsEnabled' : require(__dirname + '/plugins/azure/sqlserver/auditOperationsEnabled.js'),
886905

887906
'javaVersion' : require(__dirname + '/plugins/azure/appservice/javaVersion.js'),
888907
'phpVersion' : require(__dirname + '/plugins/azure/appservice/phpVersion.js'),
@@ -933,10 +952,16 @@ module.exports = {
933952
'appOrgnaizationalDirectoryAccess' : require(__dirname + '/plugins/azure/activedirectory/appOrgnaizationalDirectoryAccess.js'),
934953

935954
'dbAuditingEnabled' : require(__dirname + '/plugins/azure/sqldatabases/dbAuditingEnabled.js'),
955+
'dbDataMaskingEnabled' : require(__dirname + '/plugins/azure/sqldatabases/dbDataMaskingEnabled.js'),
936956
'sqlDbMultiAz' : require(__dirname + '/plugins/azure/sqldatabases/sqlDbMultiAz.js'),
937957
'dbRestorable' : require(__dirname + '/plugins/azure/sqldatabases/dbRestorable.js'),
958+
'dbLedgerDigestStorageEnabled' : require(__dirname + '/plugins/azure/sqldatabases/dbLedgerDigestStorageEnabled.js'),
938959
'pitrBackupEnabled' : require(__dirname + '/plugins/azure/sqldatabases/pitrBackupEnabled.js'),
939-
960+
'dbSyncGroupPrivateLink' : require(__dirname + '/plugins/azure/sqldatabases/dbSyncGroupPrivateLink.js'),
961+
'dbTDEEnabled' : require(__dirname + '/plugins/azure/sqldatabases/dbTDEEnabled.js'),
962+
'dbLedgerEnabled' : require(__dirname + '/plugins/azure/sqldatabases/dbLedgerEnabled.js'),
963+
'dbEnableSecureEnclaves' : require(__dirname + '/plugins/azure/sqldatabases/dbEnableSecureEnclaves.js'),
964+
940965
'lbHttpsOnly' : require(__dirname + '/plugins/azure/loadbalancer/lbHttpsOnly.js'),
941966
'lbNoInstances' : require(__dirname + '/plugins/azure/loadbalancer/lbNoInstances.js'),
942967
'lbHasTags' : require(__dirname + '/plugins/azure/loadbalancer/lbHasTags.js'),
@@ -974,8 +999,12 @@ module.exports = {
974999
'enableDefenderForKeyVaults' : require(__dirname + '/plugins/azure/defender/enableDefenderForKeyVaults.js'),
9751000

9761001
'agWafEnabled' : require(__dirname + '/plugins/azure/applicationGateway/agWafEnabled'),
977-
'agPreventionModeEnabled' : require(__dirname + '/plugins/azure/applicationGateway/agPreventionModeEnabled.js'),
9781002
'applicationGatewayHasTags' : require(__dirname + '/plugins/azure/applicationGateway/applicationGatewayHasTags.js'),
1003+
'agSecurityLoggingEnabled' : require(__dirname + '/plugins/azure/applicationGateway/agSecurityLoggingEnabled.js'),
1004+
'agSslPolicy' : require(__dirname + '/plugins/azure/applicationGateway/agSslPolicy'),
1005+
'agPreventionModeEnabled' : require(__dirname + '/plugins/azure/applicationGateway/agPreventionModeEnabled.js'),
1006+
'agRequestBodyInspection' : require(__dirname + '/plugins/azure/applicationGateway/agRequestBodyInspection'),
1007+
9791008
'subscriptionHasTags' : require(__dirname + '/plugins/azure/subscription/subscriptionHasTags.js'),
9801009

9811010
'rgHasTags' : require(__dirname + '/plugins/azure/resourceGroup/rgHasTags.js'),
@@ -989,7 +1018,27 @@ module.exports = {
9891018
'eventHubMinimumTLSversion' : require(__dirname + '/plugins/azure/eventhub/eventHubMinimumTLSversion.js'),
9901019

9911020
'accessLogsEnabled' : require(__dirname + '/plugins/azure/frontdoor/accessLogsEnabled.js'),
992-
'frontDoorMinimumTlsVersion' : require(__dirname + '/plugins/azure/frontdoor/frontDoorMinimumTlsVersion.js')
1021+
'frontDoorMinimumTlsVersion' : require(__dirname + '/plugins/azure/frontdoor/frontDoorMinimumTlsVersion.js'),
1022+
1023+
'amsStorageAccountIdentity' : require(__dirname + '/plugins/azure/mediaServices/amsStorageAccountIdentity.js'),
1024+
'afdSecurityLoggingEnabled' : require(__dirname + '/plugins/azure/frontdoor/afdSecurityLoggingEnabled.js'),
1025+
'frontDoorWafDefaultRateLimit' : require(__dirname + '/plugins/azure/frontdoor/frontDoorWafDefaultRateLimit.js'),
1026+
'frontDoorAzureManagedDomain' : require(__dirname + '/plugins/azure/frontdoor/frontDoorAzureManagedDomain.js'),
1027+
'frontDoorWafDetectionMode' : require(__dirname + '/plugins/azure/frontdoor/frontDoorWafDetectionMode.js'),
1028+
'frontDoorRequestBodyInspection': require(__dirname + '/plugins/azure/frontdoor/frontDoorRequestBodyInspection.js'),
1029+
'frontDoorWafEnabled' : require(__dirname + '/plugins/azure/frontdoor/frontDoorWafEnabled.js'),
1030+
'frontDoorHttpsOnly' : require(__dirname + '/plugins/azure/frontdoor/frontDoorHttpsOnly.js'),
1031+
'botProtectionEnabled' : require(__dirname + '/plugins/azure/frontdoor/botProtectionEnabled.js'),
1032+
1033+
'namespaceEncryptionAtRest' : require(__dirname + '/plugins/azure/servicebus/namespaceEncryptionAtRest.js'),
1034+
'namespaceTlsVersion' : require(__dirname + '/plugins/azure/servicebus/namespaceTlsVersion.js'),
1035+
'namespaceLocalAuth' : require(__dirname + '/plugins/azure/servicebus/namespaceLocalAuth.js'),
1036+
'namespaceLoggingEnabled' : require(__dirname + '/plugins/azure/servicebus/namespaceLoggingEnabled.js'),
1037+
1038+
'amsDiagnosticLogsEnabled' : require(__dirname + '/plugins/azure/mediaServices/amsDiagnosticLogsEnabled.js'),
1039+
'amsPublicAccessDisabled' : require(__dirname + '/plugins/azure/mediaServices/amsPublicAccessDisabled.js'),
1040+
'amsManagedIdentityEnabled' : require(__dirname + '/plugins/azure/mediaServices/amsManagedIdentityEnabled.js'),
1041+
'amsClassicApiDisabled' : require(__dirname + '/plugins/azure/mediaServices/amsClassicApiDisabled.js')
9931042
},
9941043
github: {
9951044
'publicKeysRotated' : require(__dirname + '/plugins/github/users/publicKeysRotated.js'),

helpers/aws/api.js

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -628,6 +628,20 @@ var calls = {
628628
paginate: 'NextToken'
629629
}
630630
},
631+
Bedrock:{
632+
listCustomModels:{
633+
property: 'modelSummaries',
634+
paginate: 'NextToken',
635+
},
636+
listModelCustomizationJobs:{
637+
property: 'modelCustomizationJobSummaries"',
638+
paginate: 'NextToken',
639+
},
640+
getModelInvocationLoggingConfiguration: {
641+
property: 'loggingConfig',
642+
paginate: 'NextToken'
643+
}
644+
},
631645
CloudFormation: {
632646
listStacks: {
633647
property: 'StackSummaries',
@@ -1855,6 +1869,20 @@ var postcalls = [
18551869
},
18561870
sendIntegration: serviceMap['Backup']
18571871
},
1872+
Bedrock:{
1873+
getCustomModel: {
1874+
reliesOnService: 'bedrock',
1875+
reliesOnCall: 'listCustomModels',
1876+
filterKey: 'modelIdentifier',
1877+
filterValue: 'modelName',
1878+
},
1879+
getModelCustomizationJob: {
1880+
reliesOnService: 'bedrock',
1881+
reliesOnCall: 'listModelCustomizationJobs',
1882+
filterKey: 'jobIdentifier',
1883+
filterValue: 'jobArn',
1884+
}
1885+
},
18581886
CloudFormation: {
18591887
describeStackEvents: {
18601888
reliesOnService: 'cloudformation',

helpers/aws/api_multipart.js

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -118,6 +118,20 @@ var calls = [
118118
paginate: 'NextToken'
119119
}
120120
},
121+
Bedrock:{
122+
listCustomModels:{
123+
property: 'modelSummaries',
124+
paginate: 'NextToken',
125+
},
126+
listModelCustomizationJobs:{
127+
property: 'modelCustomizationJobSummaries"',
128+
paginate: 'NextToken',
129+
},
130+
getModelInvocationLoggingConfiguration: {
131+
property: 'loggingConfig',
132+
paginate: 'NextToken'
133+
}
134+
},
121135
CloudFormation: {
122136
listStacks: {
123137
property: 'StackSummaries',
@@ -1250,6 +1264,20 @@ var postcalls = [
12501264
filterValue: 'BackupPlanId',
12511265
}
12521266
},
1267+
Bedrock:{
1268+
getCustomModel: {
1269+
reliesOnService: 'bedrock',
1270+
reliesOnCall: 'listCustomModels',
1271+
filterKey: 'modelIdentifier',
1272+
filterValue: 'modelName',
1273+
},
1274+
getModelCustomizationJob: {
1275+
reliesOnService: 'bedrock',
1276+
reliesOnCall: 'listModelCustomizationJobs',
1277+
filterKey: 'jobIdentifier',
1278+
filterValue: 'jobArn',
1279+
}
1280+
},
12531281
CloudFront: {
12541282
getDistribution: {
12551283
reliesOnService: 'cloudfront',

helpers/aws/regions.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,7 @@ module.exports = {
4141
acm: [...regions, ...newRegionsUpdate],
4242
apigateway: [...regions, ...newRegionsUpdate],
4343
athena: regions,
44+
bedrock: ['us-east-1', 'us-west-2', 'ap-southeast-1', 'ap-northeast-1', 'eu-central-1'],
4445
cloudfront: ['us-east-1'], // CloudFront uses the default global region
4546
autoscaling: [...regions, ...newRegionsUpdate],
4647
iam: ['us-east-1'],

helpers/aws/regions_china.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ module.exports = {
1414
acm: [],
1515
apigateway: regions,
1616
athena: [],
17+
bedrock:[],
1718
cloudfront: [],
1819
efs: [],
1920
autoscaling: regions,

helpers/aws/regions_gov.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ module.exports = {
1414
apigateway: regions,
1515
athena: regions,
1616
backup: regions,
17+
bedrock: [],
1718
cloudfront: [],
1819
autoscaling: regions,
1920
iam: regions,

helpers/aws/regions_gov_fedramp_east_1.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ module.exports = {
1111
apigateway: regions,
1212
athena: regions,
1313
backup: regions,
14+
bedrock: [],
1415
cloudfront: [],
1516
autoscaling: regions,
1617
iam: regions,

helpers/aws/regions_gov_fedramp_west_1.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ module.exports = {
1111
apigateway: regions,
1212
athena: regions,
1313
backup: regions,
14+
bedrock: [],
1415
cloudfront: [],
1516
autoscaling: regions,
1617
iam: regions,

0 commit comments

Comments
 (0)