@red2k18 red2k18 released this Jan 12, 2019

Assets 2

Summary

Infrastructure

  • Forseti VMs will now be able to pick the latest patches of the current minor version by resetting the VM (e.g. v2.10.0 -> v2.10.1).

Inventory

  • Cloud Asset Inventory data: Added support for fetching Cloud Dataproc Clusters, CloudSQL instances, PubSub subscriptions, IAM policies, Compute VpnTunnel, TargetVpnGateway resources, and compute project resources from Cloud Asset data.
  • Made Cloud Asset API timeout configurable.
  • Default asset types in CAI export to only asset Forseti supports.

Notifier

  • Re-designed the email notifier to make it simpler and more flexible to add the email connector as needed.
  • Added email_connector section in forseti_conf_server.yaml to provide email connector details which will be used to send out email notifications.

Scanner

  • Lien Scanner: Updated to add wildcard support to resource_id.
  • IAM Scanner: Updated to audit allUsers correctly.

Explain

  • Improved Explain to work with allUsers and allAuthenticatedUsers.
  • Updated Explain to support expanding special bindings.

Thanks to our contributors!

All changes

496ccfa (tag: v2.10.0, origin/dev, origin/HEAD, dev) minor fix (#2478)
384d5ca Email Connector Interface Implementation (#2445)
617f37a Dynamic patch update (#2469)
89d0b5e Fix inventory summary when no detail results are found. (#2450)
d7fc489 Add support for Cloud Dataproc Clusters from Cloud Asset export.
0ba397f Add support for PubSub subscriptions and IAM policies.
8011283 Add support for Compute VpnTunnel and TargetVpnGateway resources. (#2455)
ecf0f3e Add support for logConfig to Enforcer rules. (#2454)
69390d7 Modify enforcer to apply changes to one VPC network at a time. (#2439)
904972d Ensure tests are always consistent when dicts are translated to strings. (#2451)
862408c Add bigquery dataset support to iam_rules_scanner. (#2448)
d7e7344 Make Cloud Asset API timeout configurable. (#2449)
0338ccc Merge pull request #2444 from GoogleCloudPlatform/expand-legacy-project-bindings
05cf4f3 Add detailed comment to update_members argument.
c706961 Fix explainer to work with allUsers and allAuthenticatedUsers
3ca2840 Update Explainer model to support expanding special bindings.
d98b269 (origin/test_previous_working_commit, origin/email_adap) changed forseti's assigned bigquery role from bigquery.dataViewer to bigquery.metadataViewer (#2395)
3eeea92 Merge pull request #2438 from GoogleCloudPlatform/cai-limit-assettypes
6d58557 Update server config comment and list of all asset types.
57e4f74 Merge branch 'dev' into cai-limit-assettypes
d002e85 Add support for fetching compute project resource from Cloud Asset data. (#2437)
a2aa7b0 Support crawling cloudsql Intances from Cloud Asset data. (#2436)
132b4a3 (origin/cai-limit-assettypes) Default asset types in CAI export to only assets Forseti supports.
2f1edbb Add project_id to Big Query resources (#2393)
baae8ea Fixed cloud sql issue (#2384)
85523ff Change google.bigquery.Dataset to google.cloud.bigquery.Dataset (#2386)
d002e85 Add support for fetching compute project resource from Cloud Asset data. (#2437)
a2aa7b0 Support crawling cloudsql Intances from Cloud Asset data. (#2436)
132b4a3 (origin/cai-limit-assettypes) Default asset types in CAI export to only assets Forseti supports.
2f1edbb Add project_id to Big Query resources (#2393)
baae8ea Fixed cloud sql issue (#2384)
85523ff Change google.bigquery.Dataset to google.cloud.bigquery.Dataset (#2386)
1f603a5 Disable pulling bigquery data from CAI (#2377)
44bc021 Updated KE Cluster to use unique ID instead of display name. (#2369)
323a9f5 + Increment version to 2.9.0
e9afbee Bigquery retention inventory part (for review) (#2306)
81d731f make wildcard zero or more by default (#2379)
31e557d support wildcard in lien resources (#2380)