in cartography/intel/aws/ec2.py [0:0]
def load_ec2_instance_network_interfaces(session, instance_data, aws_update_tag):
    """
    Write one EC2 instance's network interfaces to the graph, with their subnet and security-group links.

    For each entry in instance_data["NetworkInterfaces"] this runs one query that upserts the
    NetworkInterface node, attaches it to the instance and to its subnet, and then one query per
    entry in the interface's "Groups" list that attaches it to a security group.

    :param session: object exposing run(query, **parameters); the queries are Cypher
    :param instance_data: dict with "InstanceId" and "NetworkInterfaces"; each interface must carry
        "NetworkInterfaceId" and "Status", every other field read here is optional
    :param aws_update_tag: value stored in lastupdated on every node and relationship touched
    :raises KeyError: if a required key is missing from instance_data, an interface or a group
    """
    # Every value is bound as a query parameter ({Name} placeholders) instead of being formatted
    # into the Cypher text, so free-text fields such as Description cannot change the statement.
    #
    # The leading MATCH means nothing is written for an interface unless an EC2Instance node with
    # this instanceid already exists -- presumably created by an earlier load step; confirm.
    #
    # NOTE(review): SubnetId falls back to "" below, so an interface without one is merged against
    # an EC2Subnet node whose subnetid is the empty string. Such a node links unrelated interfaces
    # together in the graph; verify whether that default is intended.
    interface_query = """
MATCH (instance:EC2Instance{instanceid: {InstanceId}})
MERGE (interface:NetworkInterface{id: {NetworkId}})
ON CREATE SET interface.firstseen = timestamp()
SET interface.status = {Status}, interface.mac_address = {MacAddress}, interface.description = {Description},
interface.private_dns_name = {PrivateDnsName}, interface.private_ip_address = {PrivateIpAddress},
interface.lastupdated = {aws_update_tag}
MERGE (instance)-[r:NETWORK_INTERFACE]->(interface)
ON CREATE SET r.firstseen = timestamp()
SET r.lastupdated = {aws_update_tag}
WITH interface
MERGE (subnet:EC2Subnet{subnetid: {SubnetId}})
ON CREATE SET subnet.firstseen = timestamp()
SET subnet.lastupdated = {aws_update_tag}
MERGE (interface)-[r:PART_OF_SUBNET]->(subnet)
ON CREATE SET r.firstseen = timestamp()
SET r.lastupdated = {aws_update_tag}
"""
    # Both ends are MATCHed, not MERGEd: if the EC2SecurityGroup node is not in the graph yet the
    # query produces no rows and the membership edge is silently not created.
    group_query = """
MATCH (interface:NetworkInterface{id: {NetworkId}}),
(group:EC2SecurityGroup{groupid: {GroupId}})
MERGE (interface)-[r:MEMBER_OF_EC2_SECURITY_GROUP]->(group)
ON CREATE SET r.firstseen = timestamp()
SET r.lastupdated = {aws_update_tag}
"""
    owner_id = instance_data["InstanceId"]

    for eni in instance_data["NetworkInterfaces"]:
        eni_id = eni["NetworkInterfaceId"]

        # Required keys are read first so a malformed record fails before anything is written.
        interface_params = {
            "InstanceId": owner_id,
            "NetworkId": eni_id,
            "Status": eni["Status"],
        }
        # Optional descriptive fields are stored as "" when the record omits them.
        for field in ("MacAddress", "Description", "PrivateDnsName", "PrivateIpAddress", "SubnetId"):
            interface_params[field] = eni.get(field, "")
        interface_params["aws_update_tag"] = aws_update_tag

        session.run(interface_query, **interface_params)

        # The interface node must exist before its group edges can match, hence the ordering.
        for sg in eni.get("Groups", []):
            session.run(
                group_query,
                NetworkId=eni_id,
                GroupId=sg["GroupId"],
                aws_update_tag=aws_update_tag,
            )