The highest tagged major version is v2.

discovery

package

v1.10.1 Latest Latest Go to latest Published: Nov 10, 2023 License: Apache-2.0 Imports: 27 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/clouditor/clouditor

Links

Open Source Insights

README ¶

Discovery Status

✅: Discovered
❌: Not Discovered
🚫: Not available

Compute

Expand

Function

Evidence	Azure	AWS
Compute	✅	✅
RuntimeLanguage	✅	❌
RuntimeVersion	✅	❌

VirtualMachine

Evidence	Azure	AWS
Compute	✅	✅
BlockStorage	✅	✅
MalwareProtection	✅	❌
BootLogging	✅	✅
OSLogging	✅	✅
AutomaticUpdates	✅	❌

Compute

Evidence	Azure	AWS
Resource	✅	✅
NetworkInterfaces	✅	✅
ResourceLogging	✅
Backups	❌

Resource

Evidence	Azure	AWS
ID	✅	✅
Name	✅	✅
Type	✅	✅
GeoLocation	✅	✅
Labels	✅	✅

OSLogging

Evidence	Azure	AWS
Auditing	✅	🚫
SecurityFeature	✅	🚫
Enabled	✅	❌
LoggingService	✅	🚫
RetentionPeriod	✅	🚫

BootLogging

Evidence	Azure	AWS
Auditing	✅	🚫
SecurityFeature	✅	🚫
Enabled	✅	❌
LoggingService	✅	🚫
RetentionPeriod	✅	🚫

ResourceLogging

Evidence	Azure	AWS
MonitoringLogDataEnabled	✅
SecurityAlertsEnabled	✅

BlockStorage

Evidence	Azure	AWS
Resource	✅	✅
AtRestEncryption	✅	✅
Immutability	✅	❌
Backups	✅	❌

ManagedKeyEncryption

Evidence	Azure	AWS
Enabled	✅	❌
Algorithm	✅	❌

CustomerKeyEncryption

Evidence	Azure	AWS
Enabled	✅	❌
Algorithm	❌	❌
KeyUrl	✅	❌

Network

Expand

LoadBalancer

Evidence	Azure	AWS
Networkservice	✅	❌
AccessRestriction	✅	❌
HttpEndpoints	✅	❌
Networkservices	✅	❌
Urls	✅	❌

Networkservice

Evidence	Azure	AWS
Networking	✅	❌
Authenticity	✅	❌
Compute	✅	❌
TransportEncryption	✅	❌
Ips	✅	❌
Ports	✅	❌

Networkinterfaces

Evidence	Azure	AWS
Networking	✅	✅
Networkservice	❌	❌
AccessRestriction	partly	❌

Storage

Expand

ObjectStorage

Evidence	Azure	AWS
Storage	✅	✅
PublicAccess	✅	❌
Backups	✅

Storage

Evidence	Azure	AWS
Resource	✅	✅
AtRestEncryption	✅	✅
Immutability	✅	❌
ResourceLogging	✅
Backups	✅

ObjectStorageService

Evidence	Azure	AWS
NetworkService	✅	✅
HttpEndpoint	✅	✅

Networkservice

Evidence	Azure	AWS
Networking	✅	✅
Authenticity	❌	❌
Compute	❌	❌
TransportEncryption	✅	✅
Ips	❌	❌
Ports	❌	❌

HttpEndpoint

Evidence	Azure	AWS
Url	✅	✅
TransportEncryption	✅	✅

FileStorage

Evidence	Azure	AWS
Storage	✅	❌
Backups		❌

ManagedKeyEncryption

Evidence	Azure	AWS
Enabled	✅	✅
Algorithm	✅	✅

CustomerKeyEncryption

Evidence	Azure	AWS
Enabled	✅	✅
Algorithm	❌	❌
KeyUrl	✅	✅

Database Storage

Evidence	Azure	AWS
Storage	✅	❌
Parent	✅	❌

Database Service

Evidence	Azure	AWS
NetworkService	✅	❌
AnomalyDetection	✅	❌

Networkservice

Evidence	Azure	AWS
Networking	✅	✅
Authenticity	❌	❌
Compute	❌	❌
TransportEncryption	❌	✅
Ips	❌	❌
Ports	❌	❌

Azure Backup

Expand

There are 2 different backup solutions for different resources

Backup Vaults and
Recovery Services Vault.

Resource	Backup Vaults	Recovery Services Vault
Azure Virtual Machine		x
Azure Storage (Files)		x
Azure Backup Agent		x
Azure Backup Server		x
DPM		x
SQL in Azure VM		x
SAP HANA in Azure VM		x
Azure Storage (Blobs)	x
Azure disks	x
Azure Database for PostgreSQL servers	x
Kubernetes Services	x

Documentation ¶

Index ¶

Constants
type Configuration
type DiscoveryEvent
type DiscoveryEventType
type Service
- func NewService(opts ...ServiceOption) *Service
type ServiceOption

Constants ¶

View Source

const (
	ProviderAWS   = "aws"
	ProviderK8S   = "k8s"
	ProviderAzure = "azure"
)

View Source

const (
	// DefaultAssessmentAddress specifies the default gRPC address of the assessment service.
	DefaultAssessmentAddress = "localhost:9090"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Configuration ¶ added in v1.3.6

type Configuration struct {
	Interval time.Duration
}

type DiscoveryEvent ¶ added in v1.6.2

type DiscoveryEvent struct {
	Type            DiscoveryEventType
	DiscovererName  string
	DiscoveredItems int
	Time            time.Time
}

DiscoveryEvent represents an event that is emitted if certain situations happen in the discoverer (defined by DiscoveryEventType). Examples would be the start or the end of the discovery. We will potentially expand this in the future.

type DiscoveryEventType ¶ added in v1.6.2

type DiscoveryEventType int

DiscoveryEventType defines the event types for DiscoveryEvent.

const (
	// DiscovererStart is emmited at the start of a discovery run.
	DiscovererStart DiscoveryEventType = iota
	// DiscovererFinished is emmited at the end of a discovery run.
	DiscovererFinished
)

type Service ¶

type Service struct {
	discovery.UnimplementedDiscoveryServer
	discovery.UnimplementedExperimentalDiscoveryServer

	Events chan *DiscoveryEvent
	// contains filtered or unexported fields
}

Service is an implementation of the Clouditor Discovery service (plus its experimental extensions). It should not be used directly, but rather the NewService constructor should be used.

func NewService ¶ added in v1.3.3

func NewService(opts ...ServiceOption) *Service

func (*Service) GetCloudServiceId ¶ added in v1.7.8

func (svc *Service) GetCloudServiceId() string

GetCloudServiceId implements CloudServiceRequest for this service. This is a little trick, so that we can call CheckAccess directly on the service. This is necessary because the discovery service itself is tied to a specific cloud service ID, instead of the individual requests that are made against the service.

func (*Service) ListGraphEdges ¶ added in v1.10.0

func (svc *Service) ListGraphEdges(ctx context.Context, req *discovery.ListGraphEdgesRequest) (res *discovery.ListGraphEdgesResponse, err error)

func (*Service) ListResources ¶ added in v1.7.8

func (svc *Service) ListResources(ctx context.Context, req *discovery.ListResourcesRequest) (res *discovery.ListResourcesResponse, err error)

func (*Service) Shutdown ¶ added in v1.3.4

func (svc *Service) Shutdown()

func (*Service) Start ¶

func (svc *Service) Start(ctx context.Context, req *discovery.StartDiscoveryRequest) (resp *discovery.StartDiscoveryResponse, err error)

Start starts discovery

func (*Service) StartDiscovery ¶ added in v1.3.3

func (svc *Service) StartDiscovery(discoverer discovery.Discoverer)

func (*Service) UpdateResource ¶ added in v1.10.0

func (svc *Service) UpdateResource(ctx context.Context, req *discovery.UpdateResourceRequest) (res *discovery.Resource, err error)

type ServiceOption ¶ added in v1.3.14

type ServiceOption func(*Service)

ServiceOption is a functional option type to configure the discovery service.

func WithAssessmentAddress ¶ added in v1.3.14

func WithAssessmentAddress(target string, opts ...grpc.DialOption) ServiceOption

WithAssessmentAddress is an option to configure the assessment service gRPC address.

func WithAuthorizationStrategy ¶ added in v1.7.8

func WithAuthorizationStrategy(authz service.AuthorizationStrategy) ServiceOption

WithAuthorizationStrategy is an option that configures an authorization strategy to be used with this service.

func WithCloudServiceID ¶ added in v1.6.2

func WithCloudServiceID(ID string) ServiceOption

WithCloudServiceID is an option to configure the cloud service ID for which resources will be discovered.

func WithOAuth2Authorizer ¶ added in v1.4.0

func WithOAuth2Authorizer(config *clientcredentials.Config) ServiceOption

WithOAuth2Authorizer is an option to use an OAuth 2.0 authorizer

func WithProviders ¶ added in v1.4.0

func WithProviders(providersList []string) ServiceOption

WithProviders is an option to set providers for discovering

func WithStorage ¶ added in v1.7.6

func WithStorage(storage persistence.Storage) ServiceOption

WithStorage is an option to set the storage. If not set, NewService will use inmemory storage.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
aws
azure
k8s

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL