cloud_scanner.contracts package

Submodules

cloud_scanner.contracts.account_service module

class cloud_scanner.contracts.account_service.AccountService

Bases: abc.ABC

Service to retrieve account information for cloud provider.

get_accounts()
Returns:list of accounts from cloud provider

cloud_scanner.contracts.account_service_factory module

class cloud_scanner.contracts.account_service_factory.AccountServiceFactory

Bases: object

Factory to instantiate account services for cloud providers.

classmethod create(service_type: str) → cloud_scanner.contracts.account_service.AccountService

Create an account service based on service type.

Parameters:service_type – str
Returns:
classmethod get_providers()
classmethod register_factory(service_type: str, factory_func)
cloud_scanner.contracts.account_service_factory.register_account_service(service_name, service_factory)

Registers an account service for a cloud provider.

Parameters:
  • service_name – name of cloud provider (‘aws’ or ‘azure’)
  • service_factory
Returns:

cloud_scanner.contracts.cloud_config_generator module

class cloud_scanner.contracts.cloud_config_generator.CloudConfigGenerator(storage_container: cloud_scanner.contracts.storage_container.StorageContainer)

Bases: object

Generate cloud configuration file for process workflow.

generate_config(providers_types: list, resource_types: list)

Generate cloud configuration payload.

Parameters:
  • providers_types – comma-separated list of cloud providers (azure, aws, gcp)
  • resource_types – comma-separated list of cloud resource types
Returns:str of JSON payload

output_config(config)

Upload config payload to Storage container.

Parameters:config – json payload of config
Returns:None

cloud_scanner.contracts.cloud_config_reader module

class cloud_scanner.contracts.cloud_config_reader.CloudConfigReader(container_service: cloud_scanner.contracts.storage_container.StorageContainer)

Bases: object

Helper to read cloud configuration file.

read_config()

Read cloud configuration file from storage container.

Returns:json payload of cloud config

cloud_scanner.contracts.queue module

class cloud_scanner.contracts.queue.Queue

Bases: abc.ABC

Generic Queue interface.

Any queue implementation must expose the methods detailed in this interface.

peek()

Returns the first message from the queue, leaving the message in the queue.

Returns:First message in the queue
pop()

Pops the first message from the queue and returns it.

Returns:The first message in the queue
push(message)

Pushes a message onto the queue.

Parameters:message – The message that will be pushed onto the queue

cloud_scanner.contracts.queue_factory module

class cloud_scanner.contracts.queue_factory.QueueFactory

Bases: object

Singleton factory responsible for creating queues.

classmethod create(queue_name: str) → cloud_scanner.contracts.queue.Queue

Returns a queue with ‘queue_name’ of type specified in the config “QUEUE_TYPE” property.

Parameters:queue_name – Name of the queue
Returns:Implemented instance of the Queue contract
classmethod register_factory(service_type: str, factory_func)

Utility function used to register a type of queue with a string name.

Primarily used by the ‘register_queue_service’ decorator.

cloud_scanner.contracts.queue_factory.register_queue_service(service_name, service_factory)

Decorator used to register an implementation of a queue with the queue factory.

Parameters:
  • service_name – The name to register this type of queue as.
  • service_factory – A function or lambda that takes a queue_name (as a string) and will return an instance of the queue implementation.

cloud_scanner.contracts.resource module

class cloud_scanner.contracts.resource.Resource(d: dict)

Bases: abc.ABC

Base class for cloud resource object.

account_id
Returns:account ID for account resource lives in
app_name
Returns:app name
environment
Returns:environment of resource
id
Returns:resource ID
location
Returns:location of resource
name
Returns:name of resource
provider_type
Returns:Resource provider type
raw
Returns:raw resource data
tag_guid
Returns:guid of tag
tag_name
Returns:name of tag
tags
Returns:Dictionary of tags
to_dict()
Returns:Dictionary with resource data
to_normalized_dict()

Create normalized dictionary for resource across cloud providers.

Returns:Normalized dictionary
to_str()
Returns:JSON str of resource dictionary
type
Returns:resource type

cloud_scanner.contracts.resource_service module

class cloud_scanner.contracts.resource_service.ResourceFilter

Bases: abc.ABC

Base class for a resource filter.

normalized_filter()

Not implemented in this class.

class cloud_scanner.contracts.resource_service.ResourceService

Bases: abc.ABC

Base class for resource service.

get_filter(payload) → cloud_scanner.contracts.resource_service.ResourceFilter

Get filter object based on payload. Not implemented in this class.

get_resources(filter: cloud_scanner.contracts.resource_service.ResourceFilter = None)

Get resources based on filter. Not implemented in this class.

name

Name of resource service. Not implemented in this class.

update_resource(resource)

Update resource within cloud service provider. Not implemented in this class.

cloud_scanner.contracts.resource_service_factory module

class cloud_scanner.contracts.resource_service_factory.ResourceServiceFactory

Bases: object

Instantiate resource services.

classmethod create(service_type: str, subscription_id) → cloud_scanner.contracts.resource_service.ResourceService

Create resource service.

Parameters:
  • service_type – type of service
  • subscription_id – cloud service subscription or account ID
Returns:Resource service object

classmethod register_factory(service_type: str, factory_func)

Register factory.

Parameters:
  • service_type – type of service of factory
  • factory_func – Function to instantiate service
Returns:None

cloud_scanner.contracts.resource_service_factory.register_resource_service(service_name, service_factory)

Register resource service.

Parameters:
  • service_name – Name of service
  • service_factory – Function to instantiate service
Returns:None

cloud_scanner.contracts.resource_storage_factory module

class cloud_scanner.contracts.resource_storage_factory.ResourceStorageFactory

Bases: object

Instantiate resource storage services.

classmethod create() → cloud_scanner.contracts.table_storage.TableStorage

Create resource storage service.

Returns:Resource storage service object
classmethod register_factory(service_type: str, factory_func)

Register factory.

Parameters:
  • service_type – type of service of factory
  • factory_func – Function to instantiate service
Returns:None

cloud_scanner.contracts.resource_storage_factory.register_resource_storage(service_name, service_factory)

Register resource storage service.

Parameters:
  • service_name – Name of service
  • service_factory – Function to instantiate service
Returns:None

cloud_scanner.contracts.rule module

class cloud_scanner.contracts.rule.Rule

Bases: abc.ABC

Interface of a rule.

Any implemented rule must define each method described in this interface.

check_condition(resource: cloud_scanner.contracts.resource.Resource) → bool

Returns True if the rule should be applied to the input resource, False otherwise.

Parameters:resource – The resource to check against the rule's condition.
Returns:Boolean indicating whether the resource should be processed with the rule.
process(resource: cloud_scanner.contracts.resource.Resource) → bool

Processes the resource with the rule.

Parameters:resource – The resource to be processed with the rule.
Returns:Boolean if the rule had any effect.

cloud_scanner.contracts.rule_factory module

class cloud_scanner.contracts.rule_factory.RuleFactory

Bases: object

Rule factory responsible for maintaining a list of rule definitions and returning instances of all registered rules.

Attributes:
_rules_factories: A list of lambda/functions that will instantiate an instance of each unique rule.
classmethod get_rules() → list

Returns an instantiated list of each rule that has been registered.

Returns:list[Rule] a list of instantiated rules.
classmethod register_rule(rule_func)

Utility function used by the register_rule decorator to register a lambda/function to instantiate a rule.

cloud_scanner.contracts.rule_factory.register_rule(factory_func=None)

Decorator for registering a rule with the rule factory.

Parameters:factory_func – Optional lambda/function that will create and return an instance of the rule. Required if the rule has an __init__ function that takes any parameter other than self.

cloud_scanner.contracts.storage_container module

class cloud_scanner.contracts.storage_container.StorageContainer

Bases: abc.ABC

Base class for storage container.

get_blob_to_text(file)

Get text content from file in storage container. Not implemented in this class.

list_blobs()

Get list of files in storage container. Not implemented in this class.

upload_text(filename, text)

Upload text to file in storage container. Not implemented in this class.

cloud_scanner.contracts.storage_container_factory module

class cloud_scanner.contracts.storage_container_factory.StorageContainerFactory

Bases: object

Instantiate storage container services.

classmethod create() → cloud_scanner.contracts.storage_container.StorageContainer

Create storage container service.

Returns:Storage container service object
classmethod register_factory(service_type: str, factory_func)

Register factory.

Parameters:
  • service_type – type of service of factory
  • factory_func – Function to instantiate service
Returns:None

cloud_scanner.contracts.storage_container_factory.register_storage_container(service_name, service_factory)

Register storage container service.

Parameters:
  • service_name – Name of service
  • service_factory – Function to instantiate service
Returns:None

cloud_scanner.contracts.table_storage module

class cloud_scanner.contracts.table_storage.TableStorage

Bases: abc.ABC

Base class for Table Storage.

delete(partition_key, row_key)

Delete specific entry in Table Storage. Not implemented in this class.

query(partition_key, row_key)

Query Table Storage for specific entry. Not implemented in this class.

query_list() → list

Get list of all entries in table storage. Not implemented in this class.

write(entry)

Write entry to Table Storage. Not implemented in this class.

write_entries(entries)

Write collection of entries to Table Storage. Not implemented in this class.

cloud_scanner.contracts.tag_update_rule module

class cloud_scanner.contracts.tag_update_rule.TagUpdateRule(queue: cloud_scanner.contracts.queue.Queue)

Bases: cloud_scanner.contracts.rule.Rule

Utility base class for a rule that will update the tags on a given resource. Any tag update will be pushed onto a queue with a message containing the resource and a dictionary of tags to append.

Attributes:
_queue: An instance of the queue to push the tag update message to.
get_tags(resource: cloud_scanner.contracts.resource.Resource) → dict

The dictionary of tags to update the resource with.

Parameters:resource – The resource to update tags on.
Returns:dict of tags as key value pairs.
process(resource: cloud_scanner.contracts.resource.Resource)

Processes the resource with the rule. The resource will first be checked with ‘check_condition’ to see whether the rule should be run.

Parameters:resource – The resource to be processed with the rule.
Returns:Boolean if the rule was run.
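
The following added example (not code from the cloud_scanner package) models the documented TagUpdateRule flow: ‘check_condition’ gates the rule, and a tag update is pushed onto a queue only when it returns True. InMemoryQueue, TagUpdateRuleModel, MissingOwnerTagRule, the JSON message layout and the plain-dict resources are all assumptions made so the sketch runs without the package or a cloud account.

```python
import json
from abc import ABC, abstractmethod

class InMemoryQueue:
    """Stand-in for the Queue contract (peek/pop/push), built for this example."""
    def __init__(self):
        self._items = []
    def push(self, message):
        self._items.append(message)
    def peek(self):
        return self._items[0] if self._items else None
    def pop(self):
        return self._items.pop(0) if self._items else None

class TagUpdateRuleModel(ABC):
    """Models the documented TagUpdateRule behaviour; not the package's code."""
    def __init__(self, queue):
        self._queue = queue
    @abstractmethod
    def check_condition(self, resource: dict) -> bool: ...
    @abstractmethod
    def get_tags(self, resource: dict) -> dict: ...
    def process(self, resource: dict) -> bool:
        # check_condition gates the rule: nothing is queued when it is False.
        if not self.check_condition(resource):
            return False
        # Assumed message layout; the page names only the resource and its tags.
        message = {"resource": resource, "tags": self.get_tags(resource)}
        self._queue.push(json.dumps(message))
        return True

class MissingOwnerTagRule(TagUpdateRuleModel):
    """Hypothetical rule: queue a tag update for resources with no 'owner' tag."""
    def check_condition(self, resource):
        return "owner" not in resource.get("tags", {})
    def get_tags(self, resource):
        return {"owner": "unassigned"}

# Constructed sample resources (plain dicts standing in for Resource objects).
SAMPLE_RESOURCES = [
    {"id": "vm-1", "tags": {"owner": "team-a"}},
    {"id": "vm-2", "tags": {}},
    {"id": "db-1"},
]

def run_rule(resources, queue):
    """Return the ids of resources for which the rule ran and queued an update."""
    rule = MissingOwnerTagRule(queue)
    return [r["id"] for r in resources if rule.process(r)]
```

Because the rule only enqueues a message, the component that consumes the queue is the one that needs permission to modify tags; the scanning side can stay read-only.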

Module contents