in cartography/intel/aws/ec2.py [0:0]
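def load_load_balancers(session, data, region, current_aws_account_id, aws_update_tag):
    """Write load balancer descriptions and their relationships into the graph.

    For every entry in ``data['LoadBalancerDescriptions']`` this merges a
    ``LoadBalancer`` node keyed on the DNS name, links it to the owning
    ``AWSAccount``, and then links it to its subnets, security groups,
    source security group, registered instances and listeners.

    All values are passed to ``session.run`` as bound query parameters; nothing
    from the API response is formatted into the Cypher text itself.

    Args:
        session: Object exposing ``run(query, **params)``; presumably a Neo4j
            session (confirm against the caller).
        data: Mapping with a ``'LoadBalancerDescriptions'`` list. Each entry
            must carry ``DNSName``, ``CreatedTime`` and ``LoadBalancerName``;
            every other key is treated as optional.
        region: Region name stored on each ``LoadBalancer`` node.
        current_aws_account_id: Id of the ``AWSAccount`` node that the load
            balancers and their instances are attached to.
        aws_update_tag: Value written to ``lastupdated`` on every node and
            relationship touched by this run.

    Raises:
        KeyError: If ``data`` lacks ``'LoadBalancerDescriptions'`` or an entry
            lacks one of the three required keys.
    """
    ingest_load_balancer = """
    MERGE (elb:LoadBalancer{id: {ID}})
    ON CREATE SET elb.firstseen = timestamp(), elb.createdtime = {CREATED_TIME}
    SET elb.lastupdated = {aws_update_tag}, elb.name = {NAME}, elb.dnsname = {DNS_NAME},
    elb.canonicalhostedzonename = {HOSTED_ZONE_NAME}, elb.canonicalhostedzonenameid = {HOSTED_ZONE_NAME_ID},
    elb.scheme = {SCHEME}, elb.region = {Region}
    WITH elb
    MATCH (aa:AWSAccount{id: {AWS_ACCOUNT_ID}})
    MERGE (aa)-[r:RESOURCE]->(elb)
    ON CREATE SET r.firstseen = timestamp()
    SET r.lastupdated = {aws_update_tag}
    """

    # NOTE(review): this matches EC2SecurityGroup nodes on `name` alone. AWS
    # security group names are not unique across VPCs, regions or accounts, so
    # in a graph holding several of those the SOURCE_SECURITY_GROUP edge can be
    # attached to every same-named group. Anyone reading exposure paths from
    # this edge should confirm the group actually belongs to the same account
    # and network as the load balancer; scoping the MATCH needs properties of
    # EC2SecurityGroup that are not visible in this function.
    ingest_load_balancersource_security_group = """
    MATCH (elb:LoadBalancer{id: {ID}}),
    (group:EC2SecurityGroup{name: {GROUP_NAME}})
    MERGE (elb)-[r:SOURCE_SECURITY_GROUP]->(group)
    ON CREATE SET r.firstseen = timestamp()
    SET r.lastupdated = {aws_update_tag}
    """

    ingest_load_balancer_security_group = """
    MATCH (elb:LoadBalancer{id: {ID}}),
    (group:EC2SecurityGroup{groupid: {GROUP_ID}})
    MERGE (elb)-[r:MEMBER_OF_EC2_SECURITY_GROUP]->(group)
    ON CREATE SET r.firstseen = timestamp()
    SET r.lastupdated = {aws_update_tag}
    """

    # The instance must already exist as a node: MATCH (not MERGE) means an
    # instance that has not been ingested yet yields no EXPOSE edge.
    ingest_instances = """
    MATCH (elb:LoadBalancer{id: {ID}}), (instance:EC2Instance{instanceid: {INSTANCE_ID}})
    MERGE (elb)-[r:EXPOSE]->(instance)
    ON CREATE SET r.firstseen = timestamp()
    SET r.lastupdated = {aws_update_tag}
    WITH instance
    MATCH (aa:AWSAccount{id: {AWS_ACCOUNT_ID}})
    MERGE (aa)-[r:RESOURCE]->(instance)
    ON CREATE SET r.firstseen = timestamp()
    SET r.lastupdated = {aws_update_tag}
    """

    for lb in data['LoadBalancerDescriptions']:
        # The DNS name doubles as the node id and as the dnsname property.
        load_balancer_id = lb["DNSName"]

        session.run(
            ingest_load_balancer,
            ID=load_balancer_id,
            CREATED_TIME=str(lb["CreatedTime"]),
            NAME=lb["LoadBalancerName"],
            DNS_NAME=load_balancer_id,
            HOSTED_ZONE_NAME=lb.get("CanonicalHostedZoneName", ""),
            HOSTED_ZONE_NAME_ID=lb.get("CanonicalHostedZoneNameID", ""),
            SCHEME=lb.get("Scheme", ""),
            AWS_ACCOUNT_ID=current_aws_account_id,
            Region=region,
            aws_update_tag=aws_update_tag
        )

        # The relationship keys below are read with .get(): a description that
        # omits one of them is handled like an empty value instead of raising
        # KeyError and aborting the sync for every remaining load balancer,
        # which would leave the inventory for this region stale.
        subnets = lb.get("Subnets")
        if subnets:
            load_load_balancer_subnets(session, load_balancer_id, subnets, aws_update_tag)

        for group in lb.get("SecurityGroups") or []:
            session.run(
                ingest_load_balancer_security_group,
                ID=load_balancer_id,
                GROUP_ID=str(group),
                aws_update_tag=aws_update_tag
            )

        source_group = lb.get("SourceSecurityGroup")
        if source_group:
            session.run(
                ingest_load_balancersource_security_group,
                ID=load_balancer_id,
                GROUP_NAME=source_group["GroupName"],
                aws_update_tag=aws_update_tag
            )

        for instance in lb.get("Instances") or []:
            session.run(
                ingest_instances,
                ID=load_balancer_id,
                INSTANCE_ID=instance["InstanceId"],
                AWS_ACCOUNT_ID=current_aws_account_id,
                aws_update_tag=aws_update_tag
            )

        listeners = lb.get("ListenerDescriptions")
        if listeners:
            load_load_balancer_listeners(session, load_balancer_id, listeners, aws_update_tag)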